LDAP and .htaccess

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all-

I am looking for a way to protect a directory's contents by
authenticating against Active Directory via LDAP.  I currently have a
nice little php script that tries to bind to LDAP via a username and
password entered in a form.  If it fails to bind, the user is denied
access.  If it succeeds in binding, it then checks to make sure the user
is part of a specified group.  It works wonderfully, but the problem
I've run in to (obviously) is that the plain files (.pdf, images, etc)
are not protected in any manner.

I know you can use php to authenticate against a .htaccess file, and
that you can use mod_auth_ldap (I'm using apache 1.3) to authenticate
against LDAP.  I would like to avoid using mod_auth_ldap if possible
because it requires credentials to be stored in it, thus making the code
less portable and more insecure.

Is there any way to use some type of php trickery to protect all of the
contents of a given directory?

Thanks!

Bret Walker

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux