I'm trying to set up a php script which needs to get credentials that user has passed on login form. I have already set up form authentication on my apache server with login form which redirects user to php script but when I access "session" cookie I get a long encrypted line rather than separate records for username and password. Is there a way to make apache to pass these values to php script? And if there is, how I can access those values?
Please see details below:
.htaccess for directory where php script is - webi/.htaccess:
AuthFormProvider ldap
AuthType form
AuthFormLoginRequiredLocation "http://my.server.addr/webi/login/index.html"
AuthName "LDAP"
AuthLDAPURL "ldap://ldap.server.ip/ou=users,dc=example,dc=com"
Require valid-user
Session On
SessionEnv On
SessionCookieName session path=/
SessionCryptoPassphrase secret
SessionMaxAge 900
php script - webi/profile/index.php:
<?php
$cookie_name = "session";
if(isset($_COOKIE[$cookie_name]))
{
echo "<li class='active'><a href='#'><span>$_COOKIE[$cookie_name]</span></a></li>";
echo "<li><a href='#'><span>Update profile data</span></a></li>";
echo "<li><a href='#'><span>Company</span></a></li>";
echo "<li class='last'><a href='#'><span>Contact</span></a></li>";
}
else
{
echo "<li class='active'><a href='#'><span>NO PROFILE</span></a></li>";
}
?>
login form - webi/login/index.html:
<form class="form" method="POST" action="login-handler">
<input type="text" name="httpd_username" value="" placeholder="Username">
<input type="password" name="httpd_password" value="" placeholder="Password">
<button type="submit" name="login" id="login-button">Login</button>
<input type="hidden" name="httpd_location" value="http://my.server.addr/webi/profile" />
</form>
.htaccess for directory where login form is - webi/login/htaccess:
Require all granted
.htaccess for login-handler directory - webi/login/login-handler/.htaccess
SetHandler form-login-handler
AuthFormProvider ldap
AuthType form
AuthFormLoginRequiredLocation "http://my.server.addr/webi/login/index.html"
AuthName "LDAP"
AuthLDAPURL "ldap://ldap.server.ip/ou=users,dc=example,dc=com"
Require valid-user
Session On
SessionEnv On
SessionCookieName session path=/
SessionCryptoPassphrase secret
SessionMaxAge 900
Thanks)