I am afraid I am not communicating what I am trying to do.
I have multiple databases that my library purchases. FirstSearch, Ebscohost, etc. These company's have there own authentication systems that I have no control over. A lot of them give user names and passwords that can access their secure database; however I will not give out this information to students. I want to design a system that will log the students on directly without them ever seeing the log in screen.
A) Does this make sense in what I am trying to do?
B) How can I do it?
Jeremy
At 12:38 PM 1/9/2003 -0700, David Smith wrote:
I haven't looked over all your code in detail, but the problem you
describe seems to be best solved using PHP Sessions. Sessions store data
between browser refreshes. You could store whether a user has been
authenticated via LDAP, and then on a subsequent page, you can reference
that information to determine how to proceed.
Here's the doc: http://www.php.net/manual/en/ref.session.php
--Dave
On Thu, 2003-01-09 at 11:29, Jeremy Peterson wrote:
> David,
>
> I have ldap working, my problem is the second half of my question.
>
> The problem script workflow:
> 1. Authenticate on LDAP (Resolved)
> 2. Connect to different authenticated site for the user (Not sure where to
> go now.)
>
> My guess was to send the post information to where the form action points
> to. Having done this, all I get is a blank page. I guess if PHP sends
> the post information then the client will be out of the authentication
> loop. There must be a better way. But I don't think I have enough
> information to know how to proceed.
>
> Somehow I have to get the browser to send the http post rather than
> PHP. Is this possible.
>
> Jeremy
>
> P.S.
>
> The script I am using right now incorporates Chris Alsop's class:
>
> <!-- CLASS START -->
>
> <?php
> ## Archive: c_http.class
> ## Description: Basic http class functions (only post right now)
> ## Author: Chris Alsop - chris@mindpointe.com (rumblefiz)
> ## Property Of: Everyone
> ## Date Created: 07/01/2001
> ## Mod History: 07/01/2001 Chris Alsop - Initial Coding
> ##
> ==========================================================================
> class c_http {
> ## DECLARE CLASS VARIABLES ----------------
> var $QUERY_STRING;
> var $TARGET_DOMAIN;
> var $TARGET_FILE;
> var $RESPONSE;
> ## END CLASS VARIABLE DECLARATION ---------
>
> ## FUNCTION: c_http()
> ## ARGS: $psQueryString : String
> ## $psTargetDomain : String
> ## $psTargetFile : String
> ## ''''''''''''''''''''''''''''''''''''''''
> function c_http($psQueryString,
> $psTargetDomain,$psTargetFile) {
>
> $this->QUERY_STRING = $psQueryString;
> $this->TARGET_DOMAIN = $psTargetDomain;
> $this->TARGET_FILE = $psTargetFile;
> }
> ## END FUNCTION: c_http() *****************
>
> ## FUNCTION: post()
> ## ARGS: None
> ## RETURNS: Boolean
> ## ''''''''''''''''''''''''''''''''''''''''
> function post() {
> $qs = $this->QUERY_STRING;
> $domain = $this->TARGET_DOMAIN;
> $thefile = $this->TARGET_FILE;
> if(!$fp = fsockopen($domain,80)) {
> print "Socket not open<br>";
> return false;
> exit();
> }
> $postData = "POST http://$domain/$thefile HTTP/1.0\r\n";
> $postData .= "Content-type:
> application/x-www-form-urlencoded\r\n";
> $postData .= "Content-length: ".strlen($qs)."\r\n\r\n";
> $postData .= $qs;
>
> if(!fputs($fp,$postData)) {
> return false;
> exit();
> }
>
> $data = "";
> while(!feof($fp)) $data .= fgets($fp,32000);
> $pos = 0;
> for($i=0; $i<2000; $i++) {
> if(strtoupper(substr($data,$i,4)) == "\r\n\r\n") {
> $pos = $i+4; $i = 2000;
> }
> }
> $data = substr($data,$pos);
>
> $base = "<base href ";
> $base = $base . "=";
> $base = $base . " 'http://$domain/' ";
> $base = $base . ">";
>
> if (eregi("<body",$data)) {
> $data = eregi_replace("<body",$base."<BODY",$data);
> } else {
> $data = $base . $data;
> }
> $this->RESPONSE = $data;
> fclose($fp);
> return true;
> }
> ## END FUNCTION: post() *******************
> }
> ?>
>
> <!-- CLASS END -->
> <!-- Test Script -->
>
> <?php
>
>
>
> /*Form information I am trying to send to- example only
> <form name="MyForm" action="login.php" method="post">
> Please log into MyMBI
> ID <INPUT TYPE="text" NAME="meuser" SIZE=15>
> Password<INPUT TYPE="password" NAME="password" SIZE=15>
> <INPUT TYPE="submit" VALUE="Sign in"><BR>
> </FORM>
> */
> //setting up the varibles
>
> // print "hi test 1<p> ";
> $post_info = "meuser=*******&password=******";
>
> $oHttp = new c_http($post_info,"my.mbinet.net","/login.php");
> if(!$oHttp->post()) {
> echo "error";
> }
>
> echo $oHttp->RESPONSE;
> // first arg is the query string you want to post. it must be urlencoded.
> if you want the current querystring you can use $QUERY_STRING. the second
> arg is the domain and the third is the file (or script) that is getting
> posted to.
> ?>
>
>
>
>
>
>
> At 10:28 AM 1/9/2003 -0700, David Smith wrote:
> >Jeremy,
> >
> >LDAP authentication happens in two stages: connect and bind. The connect
> >stage is just establishing a connection with the LDAP server
> >(ldap_connect()). No username or password is necesary in this stage.
> >Once your connection is established, you attempt a bind (ldap_bind())to
> >verify a username/password on the LDAP server. Here's some PHP code that
> >will do it or you:
> >
> ><?php
> >
> >$ldap_server = "example.com"; // change to your LDAP server host name
> >$ldap_port = 389; // might be different for your server
> >$pw = "yourpassword"; // change to your password
> >$dn = "cn=dave,ou=people,dc=example,dc=com"; // change to the dn you want
> >to authenticate
> >
> >$connect_result = ldap_connect( $ldap_server, $ldap_port );
> >
> >// Did we connect?
> >if( ! $connect_result )
> >{
> > echo "Could not connect to '$server_name' on port '$server_port'";
> >}
> >
> >$bind_result = ldap_bind( $connect_result, $admin_dn, $admin_pw );
> >
> >// Did we bind?
> >if( ! $bind_result )
> >{
> > echo "Bad username/password";
> >}
> >else
> >{
> > echo "Correct username/password!";
> >}
> >
> >?>
> >
> >Here's some good documentation on the topic:
> >http://www.php.net/manual/en/ref.ldap.php
> >
> >Let us know how it goes.
> >
> >--Dave
> >
> >
> >
> >On Thu, 2003-01-09 at 10:01, Jeremy Peterson wrote:
> > > I am working on a script that will authenticate on a central system my
> > > company has devised for us to use (LDAP) and then authenticate them to
> > > other sites that I want them to access (Online Databases and other
> > > electronic resources I do not control but pay lots of money for all
> > > students to access).
> > >
> > > I have seen this done on a product produced by Epixtech called RPA
> > > (Remote Patron Authentication). This is an authentication system that
> > > avoids using a proxy server. It basically handles the authentication
> > > (LDAP) and sends the appropriate information to the other secure
> > > source (Online Database, Electronic Resources, or my online catalog's
> > > patron information.) Typically there are multiple ways it will
> > > authenticate for the user to other resources. URL referer, ip
> > > authentication, fill in an user/password form for the user. I just
> > > can't get the user/password portion to work on a protected site. My tests
> > > of sending post information to another one of my scripts works fine. But
> > > it doesn't work as of yet.
> > >
> > > I have worked a bit with scripts that send post information through
> > > sendToHost function (fsockopen and fputs). But nothing is really
> > > working here. Does anyone know how I should go about this? All
> > > suggestions will be great!
> > >
> > >
> > > Thanks a bunch,
> > >
> > > Jeremy
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
