Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Apache '.htaccess'

pworboys@xxxxxxxxxx wrote:
> Can the Apache '.htaccess' file be placed in a scripted alias directory
> i.e.: /cgi-bin, to ensure authentication when running scripts ?

Sure can. .htaccess applies to scripted and non-scripted directories alike

> If not, what is an appropriate method of protected simple scripts without
> the need of going to https.

Um ... how does https protect scripts? https: is not an access
control mechansim - it is used for content encryption.

> Also, once autenticated via the '.htaccess' method, is there a simple way
> of picking up the authenticated name from within a script. I have checked
> and it doesn't seem to get passed in any Apache enviroment variable.

It is a CGI environment variable: $REMOTE_USER

> What about Cookies ?

Yum yum.

Rick Welykochy || Praxis Services Pty Limited