[PHP-DEV] isapi filter authentication

Sun, 08 Jul 2001 19:36:32 -0700 

Hello,
Is anyone out there successfuly using php scripts for authentication
under the ISAPI interface?  The reason I ask is that from looking at the
current code, you would be required to have an NT user for anything you
want to authenticate.  Once I patched the filter to map to the anonymous
user, I am able to make authentication work properly.  I'm not ready to
commit the patch until whoever has been working on this part of the code
can explain what is going on there (in case I'm missing something
obvious).  

Anyway, here is my patch.  As an explanation, the purpose in the
authentication filter is to map X number of usernames/passwords to a
single NT user, so that PHP can be used for authentication (against
ldap, mysql, whatever).  You have to tell IIS what NT user it should use
for authentication.  If you blank out the username/password in the
notification, IIS will use the anonymous NT user set up for that web
site.  

Shane Caraveo

Index: php4isapi.c
===================================================================
RCS file: /repository/php4/sapi/isapi/php4isapi.c,v
retrieving revision 1.70
diff -r1.70 php4isapi.c
631,632c631
<                               char *auth_user = ((HTTP_FILTER_AUTHENT *)
pvNotification)->pszUser;
<                               char *auth_password = ((HTTP_FILTER_AUTHENT *)
pvNotification)->pszPassword;
---
>                               HTTP_FILTER_AUTHENT *auth = (HTTP_FILTER_AUTHENT *) 
>pvNotification;
634,635c633,635
<                               if (auth_user && auth_user[0]) {
<                                       SG(request_info).auth_user = 
estrdup(auth_user);
---
>                               if (auth->pszUser && auth->pszUser[0]) {
>                                       SG(request_info).auth_user = 
>estrdup(auth->pszUser);
>                                       memset(auth->pszUser, 0, auth->cbUserBuff);
637,638c637,639
<                               if (auth_password && auth_password[0]) {
<                                       SG(request_info).auth_password = 
estrdup(auth_password);
---
>                               if (auth->pszPassword && auth->pszPassword[0]) {
>                                       SG(request_info).auth_password = 
>estrdup(auth->pszPassword);
>                                       memset(auth->pszPassword, 0 , 
>auth->cbPasswordBuff);

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to