CODEWITHSUNDEEP
phpauthenticationmod-ldap
scottm
scottm

Reputation: 28699

How do I retrieve the user information of a user authenticated with Apache's mod_ldap?

I have LDAP authentication working with Apache. Now I need to know how I can get what user logged in with PHP. Is it even possible? Do I have to do the authentication in PHP to store the user name?

Upvotes: 2

Views: 9552

Answers (2)

Brian Showalter
Brian Showalter

Reputation: 4349

If you activate the mod_authnz_ldap module and configure your section like this:

<Directory /var/www/yoursite/>
    AuthName "LDAP Secured"
    AuthType Basic
    AuthLDAPUrl "ldap://your.ldap.server:389/dc=example,dc=com?sAMAccountName"
    AuthLDAPBindDN "[email protected]"
    AuthLDAPBindPassword "secret"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    Require valid-user
</Directory>

Then in your PHP code you can obtain the user ID that was used to log in like this:

<?php
    $userId = $_SERVER['AUTHENTICATE_SAMACCOUNTNAME'];
    echo "User ID: " . $userId;
<?

Any LDAP attribute that you specify in the AuthLDAPUrl directive can be obtained this way (prefix it with AUTHENTICATE_ and then append the attribute name in all uppercase). You can add more attributes by separating them with commas, but only the first one will be used for authentication. See http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#exposed and http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#authldapurl for further details.

Upvotes: 10

josephdotca
josephdotca

Reputation: 378

I am not sure if it's the same with mod_lsap, but when you authenticate using Apache, the username and password are stored in the $_SERVER's superglobals. 

$_SERVER['PHP_AUTH_USER']
$_SERVER['PHP_AUTH_PW']

http://ca.php.net/manual/en/reserved.variables.server.php

Upvotes: 7

Related Questions