I am a fairly new PHP coder. I have an Apache server running PHP 4.3.9 on which I am trying to bang up a small tool for our internal users. The tool is structured in the following way: PHP code ---calls---> Perl script ---accesses---> File on a protected file system
When you open up the .php page in the browser, authentication is automatic. It is taken care of in the background by, I believe, LDAP. $_SERVER["PHP_AUTH_USER"] & $_SERVER["PHP_AUTH_PW"] get populated automatically and correctly.
If I run a whoami in my PHP code, then I see the user as 'apache'. So the Perl script is called in the context and with the privileges of user 'apache'. These privileges are used to access the file on the protected file system. 'apache' doesn't have the required privileges to access this file & the Perl script fails. If I SSH to this server and run the Perl script directly on the shell, it works without any problems because it runs under my user privileges.
What I want to do is to run the Perl script with the privileges of the already authenticated user. I can probably figure out a way to just pass $_SERVER["PHP_AUTH_USER"] & $_SERVER["PHP_AUTH_PW"] to the Perl script as an argument and the use it to access the file. I was wondering if there is a better way to do it.
Any recommendations? Thanks in advance!
