ionfish
Reputation: 165
Logon securely over cleartext using PHP?
I am using the Mediawiki API to create accounts on my server #1, and when the account is created I want to automatically login to the Mediawiki that is installed on a different server #2.
Server #2 has a script on there to accept username and password in a query string and automatically login to the Mediawiki that is installed on it.
How can I pass the credentials from Server #1 to Server #2 without compromising security info?
$postfield = "action=login&lgname=user&lgpassword=pass&lgtoken={$token}&format=json";
$url = "http://wiki.sign.com/api.php"; // url to wiki's api
Upvotes: 0
Views: 113
Answers (1)
Tgr
Reputation: 28200
Use symmetric encryption (AES, for example): one server encrypts the API parameters with a secret key, sends the encrypted string, the other server decrypts them with the same key.
Upvotes: 1
Related Questions
- Using MediaWiki ClientLogin For Sign In Verification
- Login with PHP and cURL
- An HTML AuthenticationRequest in Mediawiki
- MediaWiki login through php api
- One-time-passwords with mediawiki AuthPlugin
- Getting past security answer using PHP CURL
- How do I log into mediawiki using PHP cURL?
- PHP - Access to a password protected page
- PHP: Website User Authentication
- Login to website using PHP and CURL