02-24-2007, 05:47 PM
ust wondering what options I have for authentication on our admin areas.
I'm getting a bit bored of sessions expiring and re-logging in so I'm looking for alternatives.
The platform is Apache/PHP btw.
HTTP authentication doesn't expire if the browser stays open which is great. I can create separate usernames and log ins BUT...
Can I let my php scripts know who is logged in?
I basically have an admin access levels system where one person logging in sees only what they need whilst another might see more functionailty. Works great now with login and sessions but like I said, I hate the sessions expiring (and this is on a shared server so can't change the max sessions lenth I believe). It matches the log in details against the permissions.
Can I match HTTP authentication (via htaccess) somehow with my PHP scripts?
Also, someone mentioned PKI to me. Can anyone tell me whether/how that would work or refer me to a quality resource on this subject?
Thanks!
I'm getting a bit bored of sessions expiring and re-logging in so I'm looking for alternatives.
The platform is Apache/PHP btw.
HTTP authentication doesn't expire if the browser stays open which is great. I can create separate usernames and log ins BUT...
Can I let my php scripts know who is logged in?
I basically have an admin access levels system where one person logging in sees only what they need whilst another might see more functionailty. Works great now with login and sessions but like I said, I hate the sessions expiring (and this is on a shared server so can't change the max sessions lenth I believe). It matches the log in details against the permissions.
Can I match HTTP authentication (via htaccess) somehow with my PHP scripts?
Also, someone mentioned PKI to me. Can anyone tell me whether/how that would work or refer me to a quality resource on this subject?
Thanks!