Re: Creating a protected area of website

.htaccess authentication doesn't use cookies: the browser sends the password to the client againa t every page request in the protected directory or subdirectory of that. Usually, the user only has to enter the password one, and that's the behavior I notice on my web server with all the browsers I use (Mozilla, and rarely MSIE but it works).

Maybe it's a particular problem of your browser, or you need to tweak your server's configuration.

Michele.

Comment on Re: Creating a protected area of website

Replies are listed 'Best First'.
Re: Re: Creating a protected area of website by belize (Deacon) on Jun 04, 2003 at 00:17 UTC
In theory then, if I use htaccess in the root directory, the user should only have to login one time and then be able to browse about the website without having to enter the password again? Not happening though I have used MSIE and Mozilla on PC's and Macs. Is this the typical way to password protect an entire website? If so, is there some configuration that would produce this kind behavior?	[reply]
Re: Re: Re: Creating a protected area of website by ehdonhon (Curate) on Jun 04, 2003 at 01:09 UTC
The password is entered every single time. Its just that your browser remembers the password after the first time you type it in successfully and enters it automatically. For more information than you really want on how authentication works, go read RFC 2617.	[reply]