I've found following code
<?php
$_SERVER['PHP_AUTH_USER'] = 'Me';
if (empty($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}
?>
according to the above code, it prompts a username and password empty fields. I'm trying to find a way to force a username to always show up, but keeping password for the user to type it. So is there a way to always lock the username ? Please help.
HTTP Basic Authentication is specified in RFC 2617. I did not found anything about a default user name there. That's why I would say it is impossible to set this by the server. But some browsers may cache the user name and password if you have once logged in.