Dan Trainor wrote:
Hello once more, all -
I was wondering if it's at all possible to redirect a user to a remote
site, while passing HTTP AUTH credentials somehow.
Yes, but...
I'd rather not use http://user:[EMAIL PROTECTED], however. There's got to
be a different way. I understand that the user's browser is the actual
element in which the username and password are stored for HTTP auth. Is
there a way to "inject" or "update" this information without any
interaction from the visitor him/herself?
That is the only way to do it. Not only that, but I don't think it works
on IE6 with Windows XP SP2 (I think, from memory, that they disabled
passing username and password in the URL for security reasons. Not sure,
though, as I haven't used Windows for a long time).
I would suggest setting a cookie with the other website's domain for
them to look at (will the browsers let you do that? never tried), or
implementing something in the backend, like an XMLRPC request
behind-the-scenes that identifies the user and gives them a unique ID,
which you could then pass to site.com in the query string.
--
Jasper Bryant-Greene
Freelance web developer
http://jasper.bryant-greene.name/
If you find my advice useful, please consider donating to a poor
student! You can choose whatever amount you think my advice was
worth to you. http://tinyurl.com/7oa5s
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
