douna1895 2011-09-01 21:31
浏览 100
已采纳

PHP LDAP自动验证

So I have a nifty script (thanks to the help of some responders to a previous question), that allows a person to enter their username & password from Win AD using LDAP.

Taking that a step further I'd like to be able to see if the person has already authenticated their session on the PC and use that information instead of them entering new stuff. Someone did reference SSPI, which I wrote a little script to give me the persons username... this is ALMOST what I want.

Problem with SSPI (from what I can see, please correct me here), is that if the person doesn't have an authenticated AD session the browser asks for one in one of the tradition pop-up boxes which the user is also forced to type their DOMAIN\ before the user. I would like to have them visit my login form, not use the browser pop-up.

I look forward to your thoughts.

  • 写回答

1条回答 默认 最新

  • dongrang9300 2011-09-02 07:44
    关注

    After answering to your previous question, I thought you'd come to this point. Unfortunately, there's no transparent solution for this. I know that since I tried the exact same thing a few weeks ago and did A LOT of research. The best you can do about it is that you configure Apache to only ask for SSPI authentication when a user tries to access your login page (and only there, to avoid the browser's auth interface popping up where and when you don't want it) and NOT require a valid user/pass combination.

    So, if the user is logged into the domain, the browser (if capable/configured) will automatically pass his AD username and if not - will ask for a username and password. And here's the tricky part - if he/she fails to provide a correct combination, since a successful login is not required, this will be remembered for the session and you can fall back to your custom login form, where you can use PHP's LDAP functions to give them the ability to retry.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • php ldap 登陆验证,LDAP用户验证功能简介
    2021-04-20 15:03
    weixin_39878688的博客 LDAP功能是依赖于PHPLDAP扩展,所以要加载LDAP扩展,具体可以参考安装PHPLDAP扩展一、功能简介通过配置LDAP,实现ldap服务器的用户自动登录。也可以从ldap导入用户。即解决了禅道在Windows域下(Windows AD)用户...
  • PHP Laravel 中集成 LDAP 身份验证
    2024-08-11 02:21
    凯鹅的博客 在 Laravel 中使用 LDAP 身份验证的示例如下:首先,安装 Laravel 的 LDAP 扩展包:登录后复制 composer require adldap2/adldap2-laravel1.然后,在 config/app.php 中注册服务提供程序:登录后复制 'providers' => ...
  • php ldap 登陆验证,使用PHP进行LDAP身份验证
    2021-04-20 15:03
    吔翔的博客 我正在尝试使用PHP进行LDAP身份验证.以下是我的代码:$ldaphost = 'ldap://ldapServer';$ldapport = 389;$ds = ldap_connect($ldaphost, $ldapport)or die("Could not connect to $ldaphost");ldap_set_option($...
  • php ldap 账号密码验证
    2022-04-14 09:46
    weixin_41969959的博客 php自带ldap扩展在php 里\ext\ldap,如果没有请下载php复制到你安装的PHP里,开启php.ini里;extension=ldap去除;查询echo phpinfo();显示是否有ldap, //使用之前最好下载个ldapadmin文件,安装测试下,必须成功能...
  • simple-php-LDAP-Authentication:这是一个简单PHP LDAP身份验证脚本,允许用户绑定到LDAP,而不必创建自己的身份验证方法
    2021-05-09 00:31
    **PHP LDAP身份验证详解** 在IT领域,身份验证是网络安全的核心部分,确保只有授权的用户可以访问特定资源。本文将深入探讨如何使用PHP与Lightweight Directory Access Protocol (LDAP)进行身份验证,通过一个名为...
  • deb_php.3.1_ldap_php_
    2021-10-04 06:23
    标题中的"deb_php.3.1_ldap_php_"暗示了我们正在处理一个与Debian相关的PHP软件包,其中集成了LDAP(轻量级目录访问协议)支持。这个版本是3.1,可能指的是PHP LDAP扩展或者一个基于PHPLDAP应用程序。描述中的"php...
  • deb_php.3.0_ldap_php_
    2021-10-03 15:14
    标题“deb_php.3.0_ldap_php_”暗示了一个基于PHPLDAP(轻量级目录访问协议)应用,可能是版本3.0的更新或升级。这个应用可能是一个电话簿系统,正如描述“php ldap phonebook v3.0 test”所示,它用于存储和管理...
  • ldap-example.zip_ldap_php directory_php ldap_zip
    2022-09-14 16:37
    PHP LDAP库通常用于连接到LDAP服务器,进行用户身份验证或其他目录操作。"directory"可能指的是在LDAP服务器上的组织结构或用户数据库。"zip"则表示所有这些内容被压缩在一个文件中。 描述中的"Active Directory ...
  • Adldap2:适用于人类PHP LDAP软件包
    2021-02-06 17:13
    Adldap2是一个PHP软件包,使用提供LDAP身份验证和目录管理工具。 · 几分钟即可启动并运行。 毫不费力地连接到LDAP服务器,并在几分钟之内开始运行查询和操作。 流利的查询生成器。 建立LDAP查询从未如此简单。 ...
  • MauticLdapAuthBundle:为mautic 2和更高版本启用LDAP身份验证
    2021-02-12 23:30
    此插件为mautic 2及更高版本启用LDAP身份验证。 即使Mautic提供SAML身份验证,主要目的还是为那些不想仅在Mautic中为其公司设置SSO的用户提供替代方案 :grinning_face_with_big_eyes: 通过作曲家安装(首选) 执行...
  • 没有解决我的问题, 去提问