Apache的认证:重定向失败,可靠?
我设置我的ErrorDocument 401点到我的网站的帐户创建页面,但不是所有的浏览器似乎兑现此重定向(Safari浏览器)。
I've set my ErrorDocument 401 to point to my website's account creation page, but not all browsers seem to honor this redirect (Safari).
此外,其他浏览器(火狐,Chrome)永远不会放弃要求的密码并显示的ErrorDocument。这会导致相当数量的用户放弃了很多的密码尝试之后尝试没有看到帐户创建页面。
Also, other browsers (Firefox, Chrome) never quit asking for the password and show the ErrorDocument. This causes a good number of users to give up trying after many password attempts without seeing the account creation page.
有没有什么办法让重定向更可靠,完全没有捣毁基本身份验证?
Is there any way to make the redirect more reliable, without trashing basic authentication altogether?
简单回答你的问题是,不,你不能让这更可靠,不实现自定义的身份验证。
The simple answer to your question is no, you can't make this more reliable without implementing custom authentication.
这是Firefox和Chrome,如果你点击取消按钮,将显示你在的ErrorDocument 401指令指定的页面的唯一途径。此外,也没有与401 HTTP code发送重定向;相反,它是用的ErrorDocument 401指令指定的文件的内容。您可以使用HTML meta标记做重定向:
The only way that Firefox and Chrome will display page that you specified in the ErrorDocument 401 directive is if you click cancel button. Also, there is no redirect sent with the 401 HTTP code; rather, it is a content of the document specified with ErrorDocument 401 directive. You can do redirect using HTML meta tag:
<Location "/protected">
AuthUserFile /path/to/users
AuthName "This is protected area"
AuthGroupFile /dev/null
AuthType Basic
Require valid-user
#ErrorDocument 401 /register.html
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=/register.html\"></html>"
</Location>
您的问题
可能的解决方案是创建自定义的基本HTTP认证模块,或用语言如PHP支持基本的HTTP认证钩
Possible solutions to your problem are to create custom basic HTTP authentication module or to use language like php that supports basic HTTP authentication hooks
http://php.net/manual/en/features.http-auth.php