[snip]
I've got a bit lost on this, but assuming that we are talking about an
intranet enviornment, with windows/IE6 clients, and apache servers, then
personally:
I would check logins based on a valid session. If the user doesn't have
a session they aren't logged in. Store the username in the
Quoting Rory Browne [EMAIL PROTECTED]:
I've got a bit lost on this, but assuming that we are talking about an
intranet enviornment, with windows/IE6 clients, and apache servers, then
personally:
I would check logins based on a valid session. If the user doesn't have a
session they aren't
Quoting [EMAIL PROTECTED]:
[snip]
As far as I can tell you will have to ask the user to login at the web
application level again, but you can verify it against your AD via LDAP
with the basic stuff from http://www.php.net/ldap
[/snip]
We are sitting here having a discussion on login techniques
[snip]
We are sitting here having a discussion on login techniques and I cam
up
with a thought...why not have a login script write a cookie that then
coulod be read by PHP and compared against the AD via LDAP? Does
anyone
see any gotcha's with that kind of process?
Couldn't I write my own
Quoting [EMAIL PROTECTED]:
[snip]
Couldn't I write my own cookie to fool the authentication into
thinking I'm somebody else?
[/snip]
I suppose that you could do that if you were savvy enough to realize
that automatic login to the intranet used a cookie for authentication
and you knew how to
[snip]
First, let me apologize for having to take it to a basic level. I'll
admit that I'm fairly new to web development, but this is something I
could *really* use at work and I want to make sure I understand (just
to set the stage, we use Windows/Active Directory/MS SQL Server at
work,
Quoting [EMAIL PROTECTED]:
You could just store a username, since they have already authenticated,
but a cookie with just a username would be easy to duplicate. My current
thought is to hash a checksum of some sort and storing that in the
cookie as well. That way you avoid the username only
Rick Emery wrote:
Quoting [EMAIL PROTECTED]:
You could just store a username, since they have already authenticated,
but a cookie with just a username would be easy to duplicate. My current
thought is to hash a checksum of some sort and storing that in the
cookie as well. That way you avoid
Quoting Jochem Maas [EMAIL PROTECTED]:
Rick Emery wrote:
Okay, I'm following all of this. So I could take, say, the username
reversed and encode it, then decode it in the PHP application,
and be
I wouldn't do it like that
instead stick the username in the cookie in plaintext and
I've got a bit lost on this, but assuming that we are talking about an
intranet enviornment, with windows/IE6 clients, and apache servers, then
personally:
I would check logins based on a valid session. If the user doesn't have a
session they aren't logged in. Store the username in the session
Kerberos - there is an apache module for it.
On 3/7/06, Justin Cook [EMAIL PROTECTED] wrote:
We are developing an intranet for my company. I would like to implement a
single sign on service. We have Active Directory on one server and the
intranet is being housed on a Redhat Linux server. When
Maybe this will help: http://us2.php.net/manual/en/ref.ldap.php
Shaunak Kashyap
Senior Web Developer
WPT Enterprises, Inc.
5700 Wilshire Blvd., Suite 350
Los Angeles, CA 90036
Direct: 323.330.9870
Main: 323.330.9900
www.worldpokertour.com
Confidentiality Notice: This e-mail transmission
@lists.php.net
Sent: Tue, 07 Mar 2006 12:06:42 -0600
Subject: RE: [PHP] LDAP and Single Sign On
Maybe this will help: http://us2.php.net/manual/en/ref.ldap.php
Shaunak Kashyap
Senior Web Developer
WPT Enterprises, Inc.
5700 Wilshire Blvd., Suite 350
Los Angeles, CA 90036
Direct: 323.330.9870
Main
[snip]
We are developing an intranet for my company. I would like to implement
a single sign on service. We have Active Directory on one server and the
intranet is being housed on a Redhat Linux server. When the internal
user pulls up the intranet, I would like it to check to see if they
[snip]
As far as I can tell you will have to ask the user to login at the web
application level again, but you can verify it against your AD via LDAP
with the basic stuff from http://www.php.net/ldap
[/snip]
We are sitting here having a discussion on login techniques and I cam up
with a
15 matches
Mail list logo