Re: Re: NT username detectable?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

on 01/30/2005 09:16 PM winnesoup said the following: 
Manuel states it right. Why authenticate AGAIN if you are allready
authenticated by our beloved Microsoft network ? (NTLM).

That is not exactly what I am saying. NTLM is the name of an authentication method used in many protocols including HTTP, SMTP, POP3. It is most common naturally under Windows, but you can also use it with non-Windows machines.

What I am trying to tell you is that even when you are already logged on Windows, when you access to an HTTP server that requires NTLM authentication, there is an exchange of information between the server and client so your password is never sent over the network unencoded, even less in plain text.

Internet Explorer (or Mozilla or Firefox) just uses information already obtained during the Windows logon to respond to the NTLM authentication HTTP request to the same Windows domain without asking your the same password again.


now try to pass the variables needed to PHP. Can be done by hidden field in
a form. Use javascript to submit the form onload
==> this is going to be my next adventure on this level........

I don't know what you are suggesting but under PHP you just need to call GetEnv("LOGON_USER") to get the user name of a successfully authenticated user.


But it all comes down to the following:
- if you are using apache webserver in windows network there are NO working
examples to be found on the internet for single signon (at least, not that I
found).

You just need to use mod_ntlm with Apache. The Apache does not even need to be running on Windows. You just need to configure mod_ntlm to let it know the Windows domain controllers for the domain of the users that you want to authenticate.

--

Regards,
Manuel Lemos

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/

Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [PHP Users]     [PHP Database Programming]     [PHP Install]     [Kernel Newbies]     [Yosemite Forum]     [PHP Books]
  Powered by Linux