Re: [Phplib-users] Basic authentication
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Basic authentication
|
From: Peter K. <su...@si...> - 2002-02-13 08:38:40
|
Hello Chris,
> They have proposed that they create a form on their page such that when the
> submit button is clicked, they will POST the data to me and pass the
> username and password.
I don't understand how they will do that. Do you/they mean it like that:
1. user gets a loginform and enters username and password, press submit ("validate me!").
2. the login server must process the login
3. the login server validates login and shows a new form to the user with his/her username and password in hidden fields and
a new submit button ("go to the application!")
4. user presses the submit button and comes to your server
This is possible to implement. And it is secure as long as you trust in the users. Because in this setting the user can fake
the login server in building a form like that in 3. without having logged in really.
Or --- do you/they mean like that:
1. and 2. (as above)
3. login server validates login and sends username and password directly to your server via POST????
I don't know how to perform that. It may be possible, but I don't know how.
Peter Kursawe
|
