|
|
Posted by ZeldorBlat on 09/14/07 13:39
On Sep 14, 7:45 am, Lado.Lesko...@gmail.com wrote:
> Hi!
>
> I was given a task to develop a php based application. All well, but
> now my boss wants me to make it more "user friendly" in a manner that
> they won't have to write in their usernames and passwords, which they
> already have too many.
>
> I figured, that I might be able to solve it, if I could somehow get
> windows login, but my atempts to find an apropriate function were
> unsucessfull.
>
> Someone suggested the use of WinBinder to a similar question somewhere
> else, but reading through documentation, I couldn't find what I was
> looking for. I also found posix_getlogin(), but it appears not to be
> available on Windows platform. If I try the get_current_user();
> function, the return value is SYSTEM... Can I somehow work with
> $_SERVER["REMOTE_USER"] perhaps? If I try it, the return is empty (or
> at least echo returns nothing).
>
> I'm developing under WinXP, Apache 2.2, PHP 5.2, however after I
> finish, it will be on Windows Server 2003 Standard edition... The
> company does use Active Directory, but I had no idea what PHP LDAP
> functions manual was talking about, so if it's possible, I'd rather
> avoid it.
>
> I know this question is a bit futile to ask, since noone wants his
> login to be visible to just any site, but any comments on the subject
> would still be greatly apretiated.
>
> Best regards,
> Lado
It's easier than you think:
$realm = 'mydomain.local'; //set this to the name of your Windows
domain
$dc = 'my_dc'; //set this to the name of your domain controller
if(empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW']))
{
//They haven't given us a username and password yet
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die(); //if they hit cancel
}
if(($ldap = @ldap_connect($dc, 389)) !== false) {
if(@ldap_bind($ldap, $_SERVER['PHP_AUTH_USER'] . '@' . $realm,
$_SERVER['PHP_AUTH_PW']) !== false) {
//login was successful and $_SERVER['PHP_AUTH_USER'] has the
username
}
else {
//login was not successful so try again
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die(); //if they hit cancel
}
}
Navigation:
[Reply to this message]
|