[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP Apache authorization - presupplying user & password ?

To: fulchetr@drink.bt.co.uk
Subject: Re: LDAP Apache authorization - presupplying user & password ?
From: Norbert Klasen <klasen@zdv.uni-tuebingen.de>
Date: Wed, 21 Jun 2000 09:06:16 +0200
Cc: openldap-software@OpenLDAP.org
Organization: DFN Directory Services, ZDV Uni Tübingen
References: <394F94DF.F57BD09A@drink.bt.co.uk>

Hi Tim 
> I could just use the pop-up window that the browser
> supplys but AFAIK you can't then obtain the password string the user
> supplied. 

I use auth_ldap with AuthLDAPRemoteUserIsDN set and get the password
from the http headers. See the following PHP3 code:

$ds=ldap_connect("localhost");  
if ($ds) {
  //get password from http auth
  $headers = getallheaders();
  // (type authstring)
  $authheader = explode(" ", $headers["Authorization"]);
  // (username:password)
  $auth = explode(":", base64_decode($authheader[1]));
  if ( !ldap_bind($ds, $REMOTE_USER, $auth[1]) ) {
    echo "<H1>insufficient access</h1>\n";
    ldap_close($ds);
    exit;
  }      
  [...]
                                                                                                                            

-- 
Norbert Klasen                                   DFN Directory Services
                                          Zentrum für Datenverarbeitung
Tel: +49 7071 29 70335                             Universität Tübingen
Fax: +49 7071 29 5912                                 Wächterstrasse 76
norbert.klasen@zdv.uni-tuebingen.de                      72074 Tübingen

References:
- LDAP Apache authorization - presupplying user & password ?
  - From: tim fulcher <fulchetr@drink.bt.co.uk>

Prev by Date: openLDAP v2.0
Next by Date: Re: openLDAP v2.0
Index(es):
- Chronological
- Thread