On Wed, Jan 13, 2010 at 19:04, Hansen, Mike <mike.han...@atmel.com> wrote:
> I took over maint of an app, and the former maintainer is no longer available.
>
> I was under the assumption that authentication was done through an LDAP. How
> do I find out which LDAP server is PHP/Apache using? It might be right in
> front of my face in the apache config or php.ini, but I can't seem to find
> it. I'm not sure what it'd be called in those config files. There is no
> htaccess or htpasswd files that I could find on the server. Below is the code
> that I believe does the authentication.
>
> if (!isset($_SERVER['PHP_AUTH_USER'])) {
> header('WWW-Authenticate: Basic realm="***"');
> header('HTTP/1.0 401 Unauthorized');
> echo 'Access denied';
> exit;
> }
> else
>
>
> If anyone can point me right direction, that'd be great.
>
> Mike
Basic HTTP authentication is not using LDAP. You can use PHP_AUTH_USER
and PHP_AUTH_PW to verify that the credentials are correct (they'll be
populated with whatever the user entered). Exactly how you do that is
up to you (hard code it, look in a database, LDAP, etc.). You then
send the 401 response code along with WWW-Authenticate if the
credentials aren't satisfactory.
--
Daniel Egeberg
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
