|
|
Posted by Andy Hassall on 09/30/07 14:32
On Sat, 29 Sep 2007 14:03:36 -0700, Bruno Barros <ragearc@gmail.com> wrote:
>Hey there. I'm currently working on an intranet, and would like to
>know how I can get the windows usernames of the visitors.
>
>You can get their IP with $_SERVER['REMOTE_ADDR'];
>
>But what about their Windows Username? Is there any way of doing so?
>Through the Intranet?
Well, yes, sort of, with limitations, and it's not exactly recommended. Look
up "NTLM".
If you're running IIS on Windows, turn on "Integrated Windows Authentication"
for the particular directory.
For Apache, there are a couple of other options, further depending on whether
you're on Windows or UNIX, for example, http://mod-auth-sspi.sourceforge.net/
or http://modntlm.sourceforge.net/ . (I've not been able to get the latter to
work at all with Apache 2.2 on Linux, but YMMV).
IE will respond automatically to the authentication challenge this sends, and
you'll get Windows username as one of the $_SERVER variables.
Firefox supports method, but users would have to manually modify the
"network.automatic-ntlm-auth.trusted-uris" option in about:config to trust your
intranet site, otherwise they get a prompt to re-enter their Windows username
and passwords.
Last time I checked Opera eitehr didn't have support for this, or it was still
beta, and disabled by default (and only re-enable-able through a hidden
option), so you'd better have a fallback.
If you go this route then bear in mind that it's not very widely used so you
won't have as much support from the community. The implementations are all
reverse-engineered (other than the native Windows/IIS one, obviously), so may
well have weird quirks.
Even if you did get this working, it's almost certainly best not to rely on
this as your authentication method on every page, instead to have it as an
*option* on your login page to identify and authenticate the user, and then use
your own method to keep the user logged in (sessions, cryptographically signed
cookies, the usual suspects here).
--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
Navigation:
[Reply to this message]
|