问题
This is how my .htaccess looks like:
AuthType Basic
AuthName "FORBIDDEN AREA"
AuthUserfile "../htdocs/site/.htpasswd"
AuthGroupFile /
Require valid-user
#Allow valid-user
Order Deny,Allow
Deny from all
SetEnvIf HTTP_COOKIE my_cookie_name norequire
Allow from env=norequire
Satisfy any
My user has a cookie, and if his cookie has a name "my_cookie_name" I would like that he bypasses the .htaccess login (authentication) so that he doesn't need to enter his username and password. I tried with SetEnvIF but it does't seem to work, or am I doing something wrong. If anyone has some suggestion I would be grateful to hear it?
Thanks
回答1:
You can use:
SetEnvIfNoCase Cookie PHPSESSID=.* PASS=1
AuthType Basic
AuthName "FORBIDDEN AREA"
AuthUserfile "../htdocs/site/.htpasswd"
AuthGroupFile /
Require valid-user
#Allow valid-user
Order Deny,Allow
Deny from all
Allow from env=PASS
Satisfy any
来源:https://stackoverflow.com/questions/24512346/bypass-htaccess-login-when-user-has-a-specific-cookie-setenvif