PHP
Timofey Yatsenko, 2013-05-08 14:19:47

NTLM Authorization WITHOUT entering a password in PHP?

I need to implement seamless authorization for the corporate portal, so that when a user opens the portal, their login (AD account) is passed automatically.
As I understand it, this task can be implemented using NTLM authorization. And in our corporate network, the gateway (Squid) is configured in this way.
However, no matter how I tried to reproduce the scheme, nothing good came of it.
In the code I send these headers:

    protected function sendAuthHeaders() {
        header('HTTP/1.0 401 Unauthorized');   // require the client to authenticate
        header('WWW-Authenticate: NTLM');      // requested authentication type: NTLM
        Yii::app()->end();                     // stop script execution
    }

    public function ntlmAuth() {
        if (!$this->issetNtlmHeaders()) {
            $this->sendAuthHeaders();
        }

        // parse the response from the browser
    }

As soon as the server receives the HTTP/1.0 401 Unauthorized header, it pops up an authorization window. And I need authorization to happen transparently, without prompting for a login and password.
The portal runs under Apache, and I have seen several modules for it, but as I understand it, they implement the entire authorization cycle at once (they connect to AD and authorize the user there). I just need to get the name of the current user in the PHP script; I'll do the rest myself.

3 answer(s)
cat_crash, 2013-05-08
@cat_crash

As far as I know, this mechanism (when 401 is returned the first time and the browser itself sends information about the user in response) is implemented only in IE. Moreover, it will only do this if the site is in the trusted zone.

mayorovp, 2013-05-08
@mayorovp

Do not use NTLM authorization in AD - this destroys the whole idea of a domain.

plaha, 2013-05-08
@plaha

See mod_auth_sspi (the $_SERVER['REMOTE_USER'] variable)
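
Added example, not part of the thread: the step the question's code leaves as a comment (parsing the browser's reply), written for PHP 7.4+ with the iconv extension. It decodes the NTLM message from the Authorization header; the function names and the CORP\alice sample are constructed for illustration, and the user name it returns is only a client-supplied claim, unlike a REMOTE_USER set by a module such as mod_auth_sspi that has validated the response.

```php
<?php
// Added example: decode the NTLM token from "Authorization: NTLM <base64>".

// Read one field: uint16 length, uint16 max length, uint32 offset (little-endian).
function ntlmField(string $msg, int $at): string {
    $f = unpack('vlen/vmax/Voff', substr($msg, $at, 8));
    if ($f['off'] + $f['len'] > strlen($msg)) {
        throw new InvalidArgumentException('field points outside the message');
    }
    return substr($msg, $f['off'], $f['len']);
}

function parseNtlmHeader(string $header): array {
    if (!preg_match('~^NTLM\s+([A-Za-z0-9+/=]+)$~', trim($header), $m)) {
        throw new InvalidArgumentException('not an NTLM Authorization header');
    }
    $msg = base64_decode($m[1], true);
    if ($msg === false || strlen($msg) < 12 || substr($msg, 0, 8) !== "NTLMSSP\0") {
        throw new InvalidArgumentException('bad NTLMSSP signature');
    }
    $type = unpack('V', substr($msg, 8, 4))[1];
    if ($type !== 3) {
        return ['type' => $type];   // type 1 (negotiate) carries no user name yet
    }
    if (strlen($msg) < 64) {        // assumes the flags field at offset 60 is present
        throw new InvalidArgumentException('truncated type 3 message');
    }
    $unicode = (unpack('V', substr($msg, 60, 4))[1] & 0x1) !== 0; // NEGOTIATE_UNICODE
    $text = fn(string $s): string => $unicode ? iconv('UTF-16LE', 'UTF-8', $s) : $s;
    return [
        'type'        => 3,
        'domain'      => $text(ntlmField($msg, 28)),
        'user'        => $text(ntlmField($msg, 36)),
        'workstation' => $text(ntlmField($msg, 44)),
        // Nothing here checked the NT response against a server challenge.
        'verified'    => false,
    ];
}

// Constructed sample: a type 3 message for CORP\alice on PC01 with empty responses.
$parts = array_map(fn($s) => iconv('UTF-8', 'UTF-16LE', $s), ['CORP', 'alice', 'PC01']);
$field = fn(string $s, int $off): string => pack('vvV', strlen($s), strlen($s), $off);
$sample = "NTLMSSP\0" . pack('V', 3) . $field('', 64) . $field('', 64)
    . $field($parts[0], 64) . $field($parts[1], 72) . $field($parts[2], 82)
    . $field('', 64) . pack('V', 0x1) . implode('', $parts);

var_dump(parseNtlmHeader('NTLM ' . base64_encode($sample)));
var_dump(parseNtlmHeader('NTLM ' . base64_encode("NTLMSSP\0" . pack('V', 1) . pack('V', 0x1))));
```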
