Handling HTTP basic authentication in script?

**Jerry Stuckle** · Jul 18 '07, 01:45 AM

Re: Handling HTTP basic authentication in script?

Gilles Ganault wrote:

Hello
>
I have a PHP script rss.php that serves RSS to clients. It
work fine, but I'd like to server customized contents, and for this, I
need to know who the user is.
>
Unless there's a better way, it looks like the easiest way is to use
HTTP basic authentication:
>

Basic access authentication - Wikipedia

http://en.wikipedia.org/wiki/Basic_authentication_scheme

>
So I figure I should have a section in the script that starts with
prompts for a login/passwd, then fetch contents with a customized
SELECT, and format it as RSS before sending the output to the RSS
client.
>
Has someone written this before and could share some tips/code?
>
Thank you.

HTTP basic authentication/authorization is strictly between the browser
and the webserver. Your don't need anything in your pages.

Or you can implement your own (non-http) authentication/authorization
scheme. I've done several; there's not much to it.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Rik** · Jul 18 '07, 01:55 AM

Re: Handling HTTP basic authentication in script?

On Tue, 17 Jul 2007 22:13:19 +0200, Gilles Ganault <nospam@nospam. com>
wrote:

Hello
>
I have a PHP script rss.php that serves RSS to clients. It
work fine, but I'd like to server customized contents, and for this, I
need to know who the user is.
>
Unless there's a better way, it looks like the easiest way is to use
HTTP basic authentication:
>

Basic access authentication - Wikipedia

http://en.wikipedia.org/wiki/Basic_authentication_scheme

>
So I figure I should have a section in the script that starts with
prompts for a login/passwd, then fetch contents with a customized
SELECT, and format it as RSS before sending the output to the RSS
client.
>
Has someone written this before and could share some tips/code?

The manual has to come extent:

PHP: HTTP authentication with PHP - Manual

http://nl3.php.net/manual/en/features.http-auth.php

HTTP authentication with PHP

--
Rik Wasmus

C. · Jul 19 '07, 12:35 PM

Re: Handling HTTP basic authentication in script?

On 17 Jul, 21:13, Gilles Ganault <nos...@nospam. comwrote:

Hello
>
I have a PHP script rss.php that serves RSS to clients. It
work fine, but I'd like to server customized contents, and for this, I
need to know who the user is.
>
Unless there's a better way, it looks like the easiest way is to use
HTTP basic authentication:
>

Basic access authentication - Wikipedia

http://en.wikipedia.org/wiki/Basic_authentication_scheme

>
So I figure I should have a section in the script that starts with
prompts for a login/passwd, then fetch contents with a customized
SELECT, and format it as RSS before sending the output to the RSS
client.
>
Has someone written this before and could share some tips/code?
>
Thank you.

Alternatively you could drop a cookie from a page which handles the
input of personalization details and pick it up in your script.

Both this and the HTTP authentication approach have a fundamental flaw
though - it may not be the users browser which access the RSS feed -
there may be an intermediate rendering agent doing the fetch on their
behalf - some may be happy to retain and pass on HTTP auth stuff but I
wouldn't count on it.

A more flexible solution might be to add additional paramters with the
RSS URL....

Example Domain

http://example.com/rss.php?user=gilles

(my igoogle page has a horoscope on it where I can configure my star
sign - but there's something more than just RSS going on here - as far
as I can tell, it goes beyond the scope of Atom too)

HTH

C.

Handling HTTP basic authentication in script?

Handling HTTP basic authentication in script?

Comment

Comment

Comment