If memory doesn't fail me, if you work with IIS and protect the source pages
of the application so that IUSR_xxxxx (the generic anonymous user) doesn't
have access to those files and instead grant access to the NT users or
groups which you want, the IIS when working with IE clients will take care
of that as long as they are all in the same domain. I did it with IIS 3 and
IE4 and it worked, I am not completely sure about the details, but it is
something you do in the server administration and you don't need to do any
programming at all, if the person reaches the page it is because it is who
he says it is.
Otherwise, no browser will give you access to any sensitive information on
the client machine, nothing that someone, anyone, might pick on the server
side just by receiving a page request.
Satyam
----- Original Message -----
From: "Dan Shirah" <mrsquash2@xxxxxxxxx>
To: <ceo@xxxxxxxxx>
Cc: "php-general" <php-general@xxxxxxxxxxxxx>
Sent: Friday, July 27, 2007 11:02 PM
Subject: Re: Authentication
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with what
I
have pulled from ldap and verify the user's name is valid. If the username
is valid I will assign it to a variable and use that variable to store the
name of the user that submitted the requests.
Yes, I am trying to get a single sign on method if possible.
$_SERVER['REMOTE_ADDR'] works in bringing back the IP Address of the
computer I'm kaing the request from, but $_SERVER['REMOTE_USER'] does not
return anything.
On 7/27/07, Richard Lynch <ceo@xxxxxxxxx> wrote:
On Fri, July 27, 2007 12:51 pm, Dan Shirah wrote:
> I looked on PHP.net but I couldn't not find anything suitable to
> answer my
> question.
>
> Within PHP, is there a way to pull the name of the user that is
> currently
> logged into the PC?
That data is not transmitted, by design, in an HTTP request.
> I know with some of the _SERVER functions you can pull the IP of the
> machine
> and other data, is there a function within this family that would
> work?
If you can find a JavaScript function to snoop the username, you could
then write that into the URL, I suppose...
But I suspect that, by design, JavaScript does not do this either.
Basically, the username on the visitor's computer is both meaningless
and far far far too private to be handing it out arbitrarily.
It's meaningless in that any user can buy a PC and set up any username
they want on it, and your webserver has NO IDEA what that username
means.
It's far far far too private, because it's none of your business to
know who I am when I'm surfing.
If you're trying to get some kind of "one login" system going, there
may or may not be some useful info in the ever-reappearing thread
regarding "Active Directory" and/or LDAP.
If you're trying to do something else, post whatever it is you are
trying to do, and perhaps you'll get some help.
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--------------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.476 / Virus Database: 269.10.22/921 - Release Date: 26/07/2007
23:16
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
