Not sure what to search for

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Not sure what to search for

Post by RobertGonzalez »

Ok, I am at a total loss for what to search for, so I turn it over to this fine community.

I want to implement a single login system for my corporate internet. Basically if you are logged onto the network, whatever machine you are logged in to will, when opening IE, know who you are based on your network credentials and authenticate you with your network authentication.

What term should I be Googling for? I tried single sign-on, NT authentication, LDAP authentication, Active Directory Authentication (all with PHP) but I am having no luck finding what I am looking for. I am not necessarily looking for code or tutorials (I won't turn it away, but that is really not what I am after) so much as I am looking for the term I need to Google for in order to find what I want.

As always, any help you can offer is greatly appreciated.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

So you want IE to submit credentials that a user used to log in to a computer?
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Search MSDN for an activex solution to grab the username/domain and do ldap based on that.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Yes. So once you are authenticated to the network via your PC login, you are logged in. Opening IE (any browser really, though I know IE integrates well with this process and FF/Opera require secondary login credential passing) should then serve up your intranet home page based on who you are as described by the network.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

I wish you the best of luck ;) I've never heard of this being done before for a web based program.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

We have an application that does it already, but it is in ASP and not on our servers (in fact it is on an IIS machine, which I didn't realize until now). I know there is a way to do this, I am just not sure what to search for.

@nickvd, I will give that a shot momentarily.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I remember something about a variable (or two) being set in $_SERVER or $_ENV when requesting via IE over a LAN.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I will into that tonight. I'd really like to be able to offer this, though the more I think about it the more it seems that it might not be the best way to go, what with have constant authenticated access to the intranet on your machine open all day long and people forgetting to lock their computers. That could go a long way in making my intranet app insecure from the physical access level
thiscatis
Forum Contributor
Posts: 434
Joined: Thu Jul 20, 2006 11:00 am

Post by thiscatis »

And Shibboleth + LDAP?
That's how they do it at my university
Post Reply