Browser Basic Auth authentication phpMyAdmin automatic login_PHP tutorial

This article will introduce to you the automatic login of phpMyAdmin using browser Basic Auth authentication. Students who need to know more can refer to it.

1. Demand
Automatically log in to phpMyAdmin. Finally, we can solve the problem of automatically logging in to all web pages that use Basic Auth authentication.

.
2. Four authentication login methods for phpMyAdmin
1.config configuration file. Directly write the username and password allowed to log in in the config.inc.php configuration file.
2. Cookies. The most common way is to log in by filling out the form on the home page.
3.http. HTTP Basic Authentication method, using the browser's pop-up dialog box to log in. The difference from the cookie method mainly lies in the user experience.
4.signon. Single sign-on, suitable for system integration. After the user logs in to a system, he can log in to phpMyAdmin with one click without having to enter his username and password.
Reference: http://wiki.phpmyadmin.net/pma/Auth_types

Logically speaking, the signon method should be the preferred solution to meet the needs. However, project development always involves compromises and accommodations, and it is necessary to interfere with the operation of the existing system as little as possible. In addition, while implementing the signon method to log in, it is also necessary to retain the original login method of users entering their username and password, that is, a backup login solution. This complicates the matter.

3. What is Basic Auth
The existing system uses Basic Auth, so I studied how to log in with one click in this case.

When accessing a URL that requires HTTP Basic Authentication, if you do not provide a username and password, the server will return 401, and the browser will prompt you to enter a username and password. Examples are as follows:

The code is as follows	Copy code
代码如下	复制代码
if (!isset($_SERVER['PHP_AUTH_USER'])) {     header('WWW-Authenticate: Basic realm="My Realm"');     header('HTTP/1.1 401 Unauthorized'); } else {     echo " Hello {$_SERVER['PHP_AUTH_USER']}. ";     echo " You entered {$_SERVER['PHP_AUTH_PW']} as your password. "; } ?>

if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="My Realm"'); Header('HTTP/1.1 401 Unauthorized'); } else { echo "

Hello {$_SERVER['PHP_AUTH_USER']}.

"; echo "

You entered {$_SERVER['PHP_AUTH_PW']} as your password.

"; } ?>

Save it as login.php and browse http://localhost/login.php to check the effect.

Browser Basic Auth: Pop-up authentication dialog box for IE9 and Chrome
Enter the username and password in the window that pops up in the browser. If you use Chrome Developer Tools (or Firebug) to view it, you will find that it actually just sends an additional request header similar to the following:

Authorization: Basic bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ=
4. Basic Auth authentication automatic login solution
To pass the certification, there are basically 2 methods

•First, add Authorization in the request header (can be implemented with Javascript):
Authorization: “Basic base64 encrypted string of username and password”
•The second is to add the username and password in the url (not supported by IE):
http://username:password@domain.com/login.php

To add request headers using js, you can use XMLHttpRequest. The implementation code is as follows:

Return xhr.status == 200; }

The code is as follows

代码如下

复制代码

<script><br /> function login() {<br /> var username = document.getElementById("username").value;<br /> var password = document.getElementById("password").value;<br /> <br /> xhr = new XMLHttpRequest();<br /> xhr.open("POST", "http://localhost/login.php", false, username, password);<br /> xhr.send(null);<br /> <br /> return xhr.status == 200;<br /> }<br /> </script>         Login     username:           password:

Copy code

<script><p> function login() { var username = document.getElementById("username").value;<p> var password = document.getElementById("password").value; <p> xhr = new XMLHttpRequest(); xhr.open("POST", "http://localhost/login.php", false, username, password);<p> xhr.send(null); </script>

Login

username: password:

Basic Auth authentication automatic login solution, in summary—— 1. The username and password are written directly in the URL. Disadvantages: Not secure enough and not supported by IE. 2. Write a login form. PHP fills in the username and password into the form, and then when the page is loaded, js generates the Authorization request header and submits it Disadvantage: This system and phpMyAdmin must be in the same domain. For example, this system is in admin.domain.com, and phpMyAdmin is in phpmyadmin.domain.com. In this case, js cannot be submitted across domains. 3. This system posts the username and password to a form in the domain where phpMyAdmin is located, and then uses that form to log in using js. Disadvantage: You need to add a new page to the domain where phpMyAdmin is located to achieve cross-domain. http://www.bkjia.com/PHPjc/629832.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629832.htmlTechArticleThis article will introduce to you the automatic login of phpMyAdmin with browser Basic Auth authentication. Students who need to know more can enter refer to. 1. Requirements Automatically log in to phpMyAdmin. Finally able to solve...