Intranet - Authenticate Using Windows Credentials?
I've just about finished an intranet app that allows users to sign in and out, track their time, show a calendar view of time worked, vacation days used, calculates overtime, etc. My backend is mysql and I'm currently authenticating against a users table that I threw together. The problem with that is another set of u/p's for users. I can import a list of everyone's windows login info, but then it's in two places and I have potential sync issues and maintenance that I'd like to avoid.
My question is this: are there any environment variables that capture the windows login info in PHP (the server will be running on windows, not *nix)? For example, if I login into my workstation as djf / password1, rather than having that information also stored in a mysql table, is there any way to access those values without the user typing them in again? I'm not that familiar with windows environments, but based on the research I've done, using LDAP and Active Directory might be a possibility? I have no idea how to do either.
View Complete Forum Thread with Replies
Related Forum Messages:
Authenticate Windows
I posted a question in ASP forum but I really want to know your opinion in PHP because I'm more familiar with PHP than ASP. I have a windows 2003 stand alone server. In this server I have some windows accounts and they all have passwords. Now I have to create an intranet website on this server (IIS) My question is how can I use accounts/password on the server to authenticate user through an PHP page? Users have to enter their identity and the webpage log username and the time they login.
View Replies !
Echo Windows Username Intranet
i a making a form that will insert a few things in to a mysql database, i am trying to make a field that will show the users domain username but i cant seem to find anything to do it, i am in a corporate network with thousands of users, i am using one of the pc's to setup a mysql / php / apache server just using (xampp) we will access the pages using netbios (http://computername/index.php). our intranet needs windows credentials to access most of the pages so the info must bestored in ie i just cant find the php code to access it, i have tried, <?php print_r ($_AUTH_USER); and a few variations.
View Replies !
Session Credentials
What I'm trying to do is call user session credentials for a user that is logged into a site running Joomla CMS. I want to use this session info to populate hidden form fields and transmit those credentials to a 3rd party server for authentication against a system. Code:
View Replies !
Default MySQL Administration Credentials
I installed MySQL administor to administrate mySQL but it seems i need a username and password to connect. I do not remember specifying a username and password during installation. I was thinking maybe there might be a default username and password.
View Replies !
Passing Credentials In A Form And Perform Action
All, I want to create a script that performs the following: 1. Access a page and submits authentication credentials (www.example.com/login.html) 2. Once authenticated, grab values of a form (www.example.com/logs.html) I just need to be stepped through the thought process. Unfortunately, I can't use cURL because the main page doesn't request for authentication. Instead, it's an authentication form/page. Or perhaps I can still use cURL, but not use its auth mechanism of CURLOPT_USERPWD. Here's the form parameters that must be submitted: <label>Username:</label> <input type="text" size="14" name="username" value="User" /> <label>Password:</label> <input type="password" size="14" name="password" value="" /> <input type="submit" value="Login" />
View Replies !
Database Credentials Should Be In A Private Root On Website
I was reading the "Essential PHP Security" book part of the O'reilly series, and it explains how my database credentials should be in a private root on my website. The only two directories I can see are public_html and public_ftp, and yes I have shared hosting, so I am not sure there is a whole lot I can do about this issue. What are those private roots and why is it better to keep my database information in a separate file instead of my individual php files? when users log in I enable a session variable which is not a username or a password, its a variable which cannot be traced to any specific user, would i need another variable for security purposes say like a user ID variable so each user can be defined as well. I am just concerned about the security of my site.
View Replies !
Use Session Variables To Save Credentials Once Authenticated.
I am implementing a log on mechanism and I plan to use session variables to save credentials once authenticated. I was reading in the book Advanced PHP Programming that you should encrypt any session data. I dont understand why this encryption is needed, since the session data is stored on the server. Can someone explain to me the need for encryption. Can session data on the server be tampered with, or can a user falsify this data.
View Replies !
Warning: Ldap_bind(): Unable To Bind To Server: Invalid Credentials In
I have some problems with ldap and php fot my authentification. I don't understand why. My DN is correct in my ldap server Can you help me please? My php script : $login = $_POST['pseudo']; $passe = $_POST['passe']; $ldapServer = "localhost"; $loginDN = "uid=".$login.", o=people, dc=toto, dc=org"; $connexion = ldap_connect($ldapServer) or die ("Impossible de se connecter au seveur LDAP"); if ($connexion) { $result= ldap_bind($connexion, $loginDN, $passe); // Identification if ($result) { echo "Connexion LDAP réussie"; } else { echo "Connexion LDAP échouée"; } } My error message : Warning: ldap_bind(): Unable to bind to server: Invalid credentials in d:www-rootphpauth_ldap.php on line 15 ...
View Replies !
Intranet
I was charged with building a new intranet for my company which seemed to be complete. Testing was done everything was great and so we made every thing live and "Bam"! Now it takes an average of 8 to 10 seconds to load a page. We are using Microsoft 2003 Server, PHP 5 and MySQL 5. the previous build was on a 2000 Server, PHP 4 and MySQL 4. There are 2 intranets being run-- one runs just perfectly, however there is a header program in place that is controling the post and get information. The one in concern seems to slow when I am calling a get method thru the http header ie http://mysite/home/index.php?page=home When I call the index page and add the inclusion of the home page this is where I have the slow down. If I was to call http://mysite/home/home.php I get an imediate page load. Of course the page is not formatted corectly and I have a lot of the page information missing because I depend on the index.php to hold the basic page design and the page call will call an individual page to appear in a certain part of the over all design (sorry if I am going on and on I just want to give as much info as possible).
View Replies !
Set Up An Intranet For My Own Use Only
I have recently decided to set up an intranet for my own use only. I have a webserver using apache and also have php installed. What i have done so far is i use a basic authentication, simply asking for username and password before entering to the intranet homepage. Now what i'd like to do is to be able to retrieve whoever enter the site and be able to show it on the intranet homepage. In another word, i'd like a welcome message on the homepage.
View Replies !
Use PHP To Authenticate To AD
We use Windows 2000 AD for everything. However, we are also running XAMPP (basically Apache, MySQL, PHP for windows) on a Windows box for our Intranet. I have a few applications that need to authenticate via AD from PHP and every example I see uses the LDAP functions built into PHP. I cannot query our AD server via LDAP. If I type ldap://domaincontroller it fails, so of course, when I try to use the LDAP function in PHP they fail. How do I get LDAP running on AD? I'm sure I'm missing something simple, but I'm very frustrated. BTW, I've started coding another app that queries AD using ASP and it is soooo easy it hurts.
View Replies !
Authenticate
Ive started recoding my login/authenticate pages for my game engine, because they were simple. Upon testing what I have so far I have noticed something that confuses me. Say these are my login details. User - Me Pass- letmein Now it will log me in when i enter them exactly like that. BUT when i log in using the user me ( no capitol M), it gives me a blank screen and does nothing The incorrect password or incorrect user name works, it seems to break with case sensitivity issues. any ideas? Code:
View Replies !
Use WWW-Authenticate:
I would like to learn how to use header('WWW-Authenticate: Negotiate'); header('WWW-Authenticate: NTLM', true); How are variables passed? Which are the variables? How do I name them? If anyone can give me some info to get started with that.
View Replies !
PHP/MySQL And INTRANET.
Does PHP and MySQL behave on an Intranet, the same way it does on the Internet? If so, what server would be the best for this (Apache)? Also, how difficult is it to bypass any firewalls if a user is attempting to access the Intranet (MySQL tables) from a remote location via the Web?
View Replies !
Email On Intranet
I'm trying to submit an email on our Intranet, but when I use: mail($recipientemail,"Subject",$notification,$sender); I get the following error: Warning: mail(): SMTP server response: 550 5.7.1 Unable to relay for validemail@validdomain in c:inetpubwwwroot eminder.php on line 29 I substituted validemail@validdomain for a valid address I'm sending to. We're running Windows 2000 for our web server on the same machine running our Exchange server.
View Replies !
Intranet Development
I'm looking to start creating an intranet for the company that I work for, but I have little experience in creating such a system. It is something that I would like to learn a lot more about though. so I was wondering if a) it is possible to create a safe and secure intranet using PHP/MySQL and b) which resources (books, tutorials etc) you guys would recommend for learning more about intranet development.
View Replies !
Looking For Intranet Software
Here are the specifics that I am looking for: It needs to have a calendar (several portal and cms software packages have this) It would be nice to be able to share that calendar (optional) Or it could be a public calendar that everyone posts on (or possibly a calendar where you can make events public and private) It also needs to have a personnel directory so people can lookup others' phone numbers and email addresses. I suppose this could be done through a "user's list" if the software used was something like php-nuke, drupal, etc... Code:
View Replies !
Intranet Business App
I will be designing an intranet business app, laboratory information system to be more precise, and am still deciding what to use for the front end to the mysql db. Also one of the objectives is secure web access for customers. I designed the current app which is an MS access multiuser db. It works fine but is starting to show its limits and for version 2.
View Replies !
Trying To Add Intranet To Site
so like the subject says i'm trying to add an intranet to a site i'm working on using a php function to block out any ip addresses i dont want. In this case i want to block out anything that doesn't start with 192.168. To do this i thought that this snippet of code would do the trick, a statement checking the IP, then if it does not begin with 192.168 it would kill it.
View Replies !
How To Authenticate When Using SimpleXML
I've got an RSS feed I'd like to consume from our Sharepoint server. When I try: $xml = simplexml_load_file($url); I get failed to open stream: HTTP request failed! HTTP/1.1 401 Unauthorized This is understandable as I need to specify a username and password to access the RSS. How can I do this with SimpleXML, or, should I first call the URL with cURL and work with the stream locally? I thought there may be some global params I could set for the stream handling library of PHP.
View Replies !
How To Authenticate Remotely
There is an html form on a remote site with the fields: Username, password. I can visit the website, and login successfully. However, I'm wondering if it's possible to login without visiting the website. In other words, can I create a similar form on a remote server, and do a remote POST? I've tried the following code, but it doesn't log me in. It simply returns to the login form. Code:
View Replies !
PHP As A Proxy To Get Intranet Content
I need to provide content to the external site that comes from internal intranet web servers. These are mostly webservers in hardwired devices such as PLC's. I have done this on a smaller scale by: 1. opening socket 2. sending http request 3. getting response 4. splitting headers from content 5. sending headers and content back to browser This new requirement is more invoved though, with activex objects, username/password challenges etc.Is there a tool out there that can handle this?
View Replies !
Is PHP Robust Enough For An Intranet Application?
I'm just curious if anybody has created a PHP-based Intranet application and what successes they've had. I've used PHP to do a lot of things, but because it partners with HTML I always assumed it was too flimsy to be used in place of C/C++/VB/Java/etc. The more I thought about it though, I realized that its partnership with HTML could be an asset. It would cut down on a lot of the GUI development time. You could even add a layer of JavaScript to take care of some of the client-side error checking and other stuff that you can't do with PHP alone. What are some of the downfalls to using PHP for such an application? I hear some people talk about using Object Oriented (OO) PHP design methods, but I really don't see how you can do that. Do they mean using a lot of functions and includes, or did I miss the part where you can create classes and objects in PHP? Aside from the (at least what I can see) procedural nature of PHP, I'm having trouble pinning down where it's any less capable when used with HTML/database/JavaScript.
View Replies !
Intranet-based Calendar?
I'm interested in creating an Intranet-based calendar which will contain company information such as holidays, special events, etc. I was wondering how this could be done. I was originally thinking of using an ActiveX control of some sort but would rather use DHTML w/ Perl/PHP instead.
View Replies !
Integrating An Internet And Intranet
I developed a php inventory system on the public Internet. I have now been asked to create a customer information system that will run in an INTRAnet environment. What php and/or perl functions can I use to seamlessly integrate the intranet and internet applications.For example: We have all the product information online, but we want all the customer information offline(especially credit card stuff). When we make a sale, we would like to have the customer information displayed along with the product information. This will be used for invoicing and then for accounting purposes.
View Replies !
Build A Very Secure Intranet
I am trying to build a very secure intranet. My login script sets username in a cookie at the client side when the suer logs in and all the other pages check to see if the cookie exists and what access the user has. I know that cookies can be spoofed, so I want to setup another mechanism to check for authentication. May be store it somewhere else also and cehck them both? Can sessions be spoofed ?
View Replies !
Intranet / Network Password
In our network each person has an individual username/password to log on. This password is changed regularly. I am creating an Intranet website containing various sections and want to know if it is possible to provide a log in page for each section. The log in should be the users own username/password that they use to initially log onto the network. Is it possible to incorporate their username/password into the intranet site?
View Replies !
Authenticate Google Accounts Pro
Did any of you ever tried to authenticate Google Accounts pro grammatically? What I mean is that there are many google services available which needs to authenticate user accounts first to fetch data remotely. Now is there any of you who authenticated using PHP?
View Replies !
How To Authenticate Users With Htaccess?
Can I use PHP and htaccess to authenticate users? My service provider lets me password protect directories on my web site - using htaccess. If a user tries to access a page within a password protected directory, a dialog is received requesting username and password. But I want to provide a login page that users go to first, and then are directed to the page/directory that they are allowed to see based on their username/password. Code:
View Replies !
Http-Authenticate Problems
I am using an include on the pages I want to protect but it just brings up the login box over and over again even with the correct user and pass. Is there a specific type of formatting to use in the database fields? Code:
View Replies !
Querying Online Databases From Intranet/localhost
Firstly, is querying online databases from localhost/intranet servers possible? Secondly, if it is could someone shed some light on how I would go about it.... Ideally a small part of the intranet system would just contain two sets of db connects: $db1 = mysql_connect("onlinehostname", "username", "pass"); mysql_select_db("databasename", $db1); $db2 = mysql_connect("offlinehostname", "username", "pass"); mysql_select_db("databasename", $db2); but I'm guessing this is simple method is impossible.... is there a way to accomplish something similar? as I would like to be able to take parts of an online database into an offline one if they were approved..
View Replies !
Http Authenticate Entire Site
we are validating users in several different sections (each section is in it's own directory..ex. the download section is in /downloads) using http authentication. when a user authenticates in one section they can roam freely in that directory without having to authenticate again. for some reason however, when i change to a different directory and then run a phpinfo(), both $PHP_AUTH_USER and $PHP_AUTH_PW are gone, meaning the user will have to authenticate again. the user can go back to the first directory again and they are still authenticated within that directory. i would like the users to only have to authenticate once for the entire site, but scince there are areas of the site that do not require validation i don't want to make them authenticate until they have to.
View Replies !
Http Authenticate Auto Login?
you know the apache built in authenticate boxes? username+password. is it possible to run a php script that can log into that? do I send the username/pass as a post? is this possible? I've searched everywhere and only found info on making one. I don't want to make one, I want to log into one via a php script. reason: dreamhost uses that for the login for the stats page, I want to read the data from the page in a php script, but first I need to log in.
View Replies !
Authenticate Into An .htpasswd-protected Area
how I would authenticate a user using PHP to allow them access into a .htaccess + .htpasswd protected area? The configuration I currently have is a collection of directories under /protected, such /protected/sales/, /protected/adverts/, etc. Each of these directories has it's own .htaccess and .htpasswd. I would like to create a login form that would accept a user's name and password, then authenticate them to allow them to access the directories.
View Replies !
Hyperlink From Intranet Web Page To Local Files On My Computer
I'm creating a company intranet, and every employee has certain program we want them to be able to run from it, meaning we want the link to the program to be on the intranet page. For example, Adobe Photoshop resides on all the employees computer under "C:Program FilesAdobePhotoshop 7.0Photoshop.exe" However, when I enter that as a hyperlink on the page, it does not run the program. Is there a way to get a web page to run a program on the local host?
View Replies !
PHP::Auth Requiring Valid Email Address To Authenticate
I am about to implement an authentication system on the site I am building. I don't care much what users choose for their username and password, but I want to verify that users have given a valid email address before allowing them access to restricted content. Will Auth facilitate the email validation process, or does it only deal with usernames and passwords? I don't need to be told in detail how to do all this, but I'd like to know early if I'm barking up the wrong tree by trying to use Auth with this intention in mind. If so, is there a better package to use for authentication that requires a valid email address?
View Replies !
WWW-Authenticate: How To Force Password Login At Every Page Refresh ?
<!-- The following sample should authorize the user to log on the site. This works once but after refreshing the browser, it does not prompt again for login until all browser (IE 6) windows are closed and the same page is opened. I turned off all caching but still it does cache (as a refresh doen not promt again). How can I force the page to prompt for a password at every refresh --> <html> <head> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> <?php $showall = false; error_reporting (E_ERROR); if (($PHP_AUTH_USER != "myname") || ($PHP_AUTH_PW != "mypass")) { header('WWW-Authenticate: Basic realm="Secure Login"'); header('HTTP/1.0 401 Unauthorized'); $showall = false; } else { error_reporting (E_ALL ^ E_NOTICE); $showall = true; } if (!showall) { echo "access denied"; } else { ?> ................ </head> <body> ................. <? } ?> </body> </html>
View Replies !
Mail() Won't Work; Server Says "Unable To Authenticate User..."
I am working on a sendmail script using the PHP mail() function. If I click on the HTML form page from within my hosting control panel (while I'm logged into my hosting account), fill out the form, and then click on the "submit" button the mail sends just fine. However, if I log out of my control panel and approach the form page, just like a visitor or stranger would do, the PHP mail() function will not send the mail. If I look inside the "./tmp/mailError.log" file there is the following message: "Unable to authenticate user. Message not sent." It appears that the server will not send the mail because there is not any identification for the outgoing mail. I have tried inserting a fourth variable in the PHP mail() function a couple of different ways like so:
View Replies !
Header('WWW-Authenticate: Basic Realm="Private"');
What am I doing wrong here: if ($_SERVER['PHP_AUTH_USER'] !== 'username' || $_SERVER['PHP_AUTH_PW'] !== 'password') { header('WWW-Authenticate: Basic realm="Private"'); header('HTTP/1.0 401 Unauthorized'); die('Authorization Required.'); } I don;t use this much, so I don;t know....This is what's happening with this code...I am prompted with the log in box....When I type in the wrong or right login info, I am simply prompted again to input my login info....if I press cancel, I receive the message: Code:
View Replies !
Authenticate A User Using Same Password As Linux Password
We're working on an intranet site where we will require user's to only be able to access their own page in some instances. Rather than introducing another password to the mix, we were thinking about seeing if we could use the same credentials (username and password) as their linux credentials. The web site will be running off of the same machine that we want to access the credentials on.
View Replies !
Authenticate The User With The Login.html, Login.php.
I am setting up a registration/login for my website with PHP and MYSQL. I have a register.html, register.php & a login.html, login.php. I can successfully register a user (using register.html, register.php) into my database. Now, I am trying to authenticate the user with the login.html, login.php. When I try to do so, however, I always recieve my error message "failed." It will not authenticate (despite several attempts of logging in with the same username and password of that which is in my database.) Code:
View Replies !
CLI And Windows
The portion of the PHP manual entitled "Using PHP from the command line" states that "The CGI SAPI supports the CLI SAPI behaviour by means of the -C switch when run from the command line.": http://us2.php.net/features.commandline However, "php -h" says of the -C switch, "Do not chdir to the script's directory". Further, running php -Cr "echo 'test'" results in an error saying that the -r switch doesn't exist, even though it should if it were acting like the CLI version. This, coupled with the fact that the Windows installer doesn't seem to install a seperate CLI exe means that, unless I'm missing something, CLI isn't something that can be used on Windows, contrary to what the docs say.
View Replies !
|
TRACKER
