If you are running as a CGI script within an Apache web server then you can look for the environment variable REMOTE_USER (ie. $ENV{REMOTE_USER}). If it is set then that's the user name as authenticated with Apache. With that you can use LDAP modules to extract extra information about the user from the AD.
To enable user authentication within Apache you could use mod_auth_kerb to allow Kerberos tickets or passwords to authenticate a user
AuthType Kerberos
AuthName "Kerberos Login"
SSLRequireSSL
KrbAuthRealms DOMAIN
KrbServiceName http
Krb5Keytab /etc/krb5.keytab
KrbMethodNegotiate on
KrbMethodK5Passwd on
require valid-user
It's a little tricky to get right and your server needs to be joined to the AD domain, but it works wonderfully. I assume that mod_auth_sspi works similarly.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|