Is it possible to use identd to grab the user name and use it to perform an LDAP lookup, without the browser (IE or Mozilla) prompting for user name and password.
If so is it safe to assume that if identd passes a uid then that is the correct windows user. I am operating within a secure network, so am not worried about an outside attack, but could a student send a staffs uid via an ident hack and gain access.
I could do this using php / perl to check before serving pages, but I'd prefer to do it via apache and keep the web pages simple.
Thanks, Mark F **** MY .htaccess file AuthType Basic AuthName "Test Authentication" # DN of Active Directory server AuthLDAPURL ldap://server/DC=server=uk?sAMAccountName AuthLDAPBindDN "CN=ldap_lookup,OU=SysUsers,DC=myDC" AuthLDAPBindPassword "xxxxxxxxx" ### currently only require valid user, ### will replace with group lookup later require valid-user --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|