Brad
Reputation: 12262
can bind successfully to the ldap server, but needs to know how to find user w/i AD
I create a login form to bind to the ldap server, if successful, it creates a session (which the user's username is stored within), then I go to another page that has session_start(); and it works fine.
What I want to do now, is add code to test if that user is a member of a specific group.
So in theory, this is what I want to do
if(username session is valid) {
search ldap for user -> get list of groups user is member of
foreach(group they are member of) {
switch(group) {
case STAFF:
print 'they are member of staff group';
$access = true;
break;
default:
print 'not a member of STAFF group';
$access = false;
break;
}
if(group == STAFF) {
break;
}
}
if($access == TRUE) {
// you have access to the content on this page
} else {
// you do not have access to this page
}
}
How do I do a ldap_search w/o binding? I don't want to keep asking for their password on each page, and I can't pass their password thru a session.
Any help is appreciated.
Upvotes: 0
Views: 329
Answers (1)
streetparade
Reputation: 32888
Best Practice would be to use a such library which does the necessary part.
http://sourceforge.net/projects/classldap/
http://sourceforge.net/projects/adldap/
Upvotes: 1
Related Questions
- Authenticating in PHP using LDAP through Active Directory
- Find user in AD LDAP
- PHP ldap_connect + ldap_bind unable to bind
- PHP - LDAP Authentication and Search
- php bind ldap to active directory
- LDAPS not connecting with PHP
- PHP LDAP binding AD with the server's user account
- ldap_bind() not working
- LDAP Authenticating user in PHP
- PHP LDAP Connection