Hello,
On 09/02/2004 08:28 PM, Christian Fersch wrote:
In the html headers, the server sees the clients OS, user agent, IP address etc. Is there a way on a local LAN a server might be able to know the username of the client that sends a request?
I've checked all $_SERVER variables, PHP_AUTH_USER etc require the auth box to be displayed. I'm thinking it might be possible to know which user is logged in when the request is made, possibly by using COM or even (gasp) .NET, without having to ask the user his username.
Any ideas if this can be accomplished at all?
Right now we have Firefox clients and Apache with PHP in an Active Directory domain with NT4 compatibility, but we can move to IE6 with IIS+PHP if that will work.
This isn't possible with php on its own (would be deep impact into your privacy if it could, wouldn't it?). So you've got 2 choices:
switch to IE and use a security hole :>
I think you are making a big confusion.
Nothing stops PHP from requiring NTLM authentication. PHP does not provide built-in support to handle NTLM authentication but since he users Apache he has access to the retrieve the request headers and set the response headers to handle NTLM authentication.
AFAIK, current versions of Mozilla based browsers support NTLM authentication when used under Windows, so there is no need to use IE at all.
--
Regards, Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
