tags:

views:

33

answers:

1
+1  Q: 

Handling authentication through AJAX?

This is a newbie question to AJAX experts: In case an unauthenticated user tries to post a comment to an article and send it to the server through AJAX, I need the remote PHP script to return...

  • a 401 and a logon/password form which the user will fill and try again, or
  • a 301 to redirect the user to a full-page logon/password form which, if successfull, will then return the user to the original comment page.

If possible, I'd rather use AJAX for both authentication + posting, so that the user doesn't need to see a full page just for authentication. Is it possible? FWIW, I'm using jQuery to learn about AJAX.

Thank you.

A: 

Yes. Your AJAX script might be making a request to, say, comment.php. That script should check if the session has been authorised, usually a variable in $_SESSION['...']. If so, then the comment should be handled. If not, the user should be directed by that script to log in.

Delan Azabani  2010-07-23 23:22:42
Thanks Delan for the tip.
 2010-07-24 21:26:21

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication