PhpMyAdmin automatic logon using BasicAuth in the browser _ PHP Tutorial

PhpMyAdmin automatically logs on to the browser using BasicAuth authentication. This article will introduce you to phpMyAdmin automatic logon authenticated by the browser BasicAuth. For more information, see. 1. automatically log on to phpMyAdmin. Finally, this article will introduce you to phpMyAdmin's automatic logon using the Basic Auth authentication in the browser. if you need to know about it, you can refer to it.

I. requirements
Automatically log on to phpMyAdmin. In the end, the system can automatically log on to all web pages that use Basic Auth authentication.

.
2. phpMyAdmin authentication methods
1. config configuration file. Write the username and password that can be logged on directly in the config. inc. php configuration file.
2. cookie. The most common method is to log on by entering the homepage form.
3. http. In HTTP Basic Authentication mode, use the pop-up dialog box of the browser to log on. The difference from cookie is mainly in user experience.
4. signon. Single sign-on, applicable to system integration. After logging on to a system, you can log on to phpMyAdmin with one click without having to enter the user name and password.
Reference: http://wiki.phpmyadmin.net/pma/Auth_types

In principle, the signon method should be the first choice to meet the needs, but there is always compromise and accommodation in project development, and the operation of the existing system should be minimized. In addition, while implementing signon login, you also need to retain the original user login mode, that is, the standby login method. This will complicate the problem.

3. what is Basic Auth?
The existing system uses the Basic Auth method, so I studied how to log on with one click in this case.

When you access a URL that requires HTTP Basic Authentication, if you do not provide the user name and password, the server will return 401. then, the browser will prompt you to enter the user name and password. Example:

The code is as follows:
If (! Isset ($ _ SERVER ['php _ AUTH_USER ']) { Header ('www-Authenticate: Basic realm = "My Realm "'); Header ('http/1.1 401 unauthorized '); } Else { Echo" Hello {$ _ SERVER ['php _ AUTH_USER ']}. "; Echo" You entered {$ _ SERVER ['php _ AUTH_PW ']} as your password. "; } ?>

Save it as login. php, and browse http: // localhost/login. php to view the effect.

Pop-up authentication dialog box for browsers Basic Auth: IE9 and Chrome
In the browser pop-up window, enter the user name and password. if you use Chrome developer tools (or Firebug) to view the password, you will find that it only sends a request header similar to the following:

Authorization: Basic bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ =
4. automatic login solution for Basic Auth authentication
There are two methods in principle to pass authentication.

• First, add Authorization to the request header (which can be implemented using Javascript ):
Authorization: "base64 encrypted string of Basic user name and password"
• Add the user name and password to the url (not supported by IE ):
Http: // username: password@domain.com/login. php

You can use XMLHttpRequest to add request headers in js. the implementation code is as follows:

The code is as follows:
Login Script Function login (){ Var username = document. getElementById ("username"). value; Var password = document. getElementById ("password"). value; Xhr = new XMLHttpRequest (); Xhr. open ("POST", "http: // localhost/login. php", false, username, password ); Xhr. send (null ); Return xhr. status = 200; } Script

Basic Auth-based automatic login solution --

1. the user name and password are directly written in the URL.

Disadvantage: it is not safe enough, and IE does not support it.

2. write a login form, fill in the username and password in the form in php, and then generate the Authorization request header for submission on the onload page.

Disadvantage: the system and phpMyAdmin must be in the same domain. For example, the system is in admin.domain.com, while phpMyAdmin is in phpmyadmin.domain.com. js cannot be submitted across domains.

3. the system will post the user name and password to a form in the domain where phpMyAdmin is located, and the form will be used to log in with js.

Disadvantage: you need to add a page in the domain where phpMyAdmin is located to implement cross-origin.

PhpMyAdmin automatically logs on to the authenticator using the login Auth method. if you need to know about it, go to the reference page. 1. automatically log on to phpMyAdmin. The final solution...