thnx Manuel for your reply. Problem is, no "binary" found so far for mod_ntlm. And then it turns out you need mod_auth_sspi for Apache 2.x After more reading found this article at the internet: http://twiki.org/cgi-bin/view/Codev.WindowsInstallModNTLM points to apache on windows configurations. finally. Now trying to find the time to try it out. Problem with authentication is known as "transparent authentication". ----- Original Message ----- From: "Manuel Lemos" <mlemos@xxxxxxx> To: "winnesoup" <adsl274570@xxxxxxxxxx> Cc: <php-windows@xxxxxxxxxxxxx> Sent: Monday, January 31, 2005 5:12 AM Subject: Re: Re: NT username detectable? > Hello, > > on 01/30/2005 09:16 PM winnesoup said the following: > > Manuel states it right. Why authenticate AGAIN if you are allready > > authenticated by our beloved Microsoft network ? (NTLM). > > That is not exactly what I am saying. NTLM is the name of an > authentication method used in many protocols including HTTP, SMTP, POP3. > It is most common naturally under Windows, but you can also use it with > non-Windows machines. > > What I am trying to tell you is that even when you are already logged on > Windows, when you access to an HTTP server that requires NTLM > authentication, there is an exchange of information between the server > and client so your password is never sent over the network unencoded, > even less in plain text. > > Internet Explorer (or Mozilla or Firefox) just uses information already > obtained during the Windows logon to respond to the NTLM authentication > HTTP request to the same Windows domain without asking your the same > password again. > > > > now try to pass the variables needed to PHP. Can be done by hidden field in > > a form. Use javascript to submit the form onload > > ==> this is going to be my next adventure on this level........ > > I don't know what you are suggesting but under PHP you just need to call > GetEnv("LOGON_USER") to get the user name of a successfully > authenticated user. > > > > But it all comes down to the following: > > - if you are using apache webserver in windows network there are NO working > > examples to be found on the internet for single signon (at least, not that I > > found). > > You just need to use mod_ntlm with Apache. The Apache does not even need > to be running on Windows. You just need to configure mod_ntlm to let it > know the Windows domain controllers for the domain of the users that you > want to authenticate. > > -- > > Regards, > Manuel Lemos > > PHP Classes - Free ready to use OOP components written in PHP > http://www.phpclasses.org/ > > PHP Reviews - Reviews of PHP books and other products > http://www.phpclasses.org/reviews/ > > Metastorage - Data object relational mapping layer generator > http://www.meta-language.net/metastorage.html -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
