Hansen, Mike wrote:
>
>
>> -----Original Message-----
>> From: daniel.egeb...@gmail.com
>> [mailto:daniel.egeb...@gmail.com] On Behalf Of Daniel Egeberg
>> Sent: Wednesday, January 13, 2010 11:39 AM
>> To: Hansen, Mike
>> Cc: php-general@lists.php.net
>> Subject: Re: [PHP] What server am I authenticating to?
>>
>> On Wed, Jan 13, 2010 at 19:04, Hansen, Mike
>> <mike.han...@atmel.com> wrote:
>>> I took over maint of an app, and the former maintainer is
>> no longer available.
>>> I was under the assumption that authentication was done
>> through an LDAP. How do I find out which LDAP server is
>> PHP/Apache using? It might be right in front of my face in
>> the apache config or php.ini, but I can't seem to find it.
>> I'm not sure what it'd be called in those config files. There
>> is no htaccess or htpasswd files that I could find on the
>> server. Below is the code that I believe does the authentication.
>>> if (!isset($_SERVER['PHP_AUTH_USER'])) {
>>> header('WWW-Authenticate: Basic realm="***"');
>>> header('HTTP/1.0 401 Unauthorized');
>>> echo 'Access denied';
>>> exit;
>>> }
>>> else
>>>
>>>
>>> If anyone can point me right direction, that'd be great.
>>>
>>> Mike
>> Basic HTTP authentication is not using LDAP. You can use PHP_AUTH_USER
>> and PHP_AUTH_PW to verify that the credentials are correct (they'll be
>> populated with whatever the user entered). Exactly how you do that is
>> up to you (hard code it, look in a database, LDAP, etc.). You then
>> send the 401 response code along with WWW-Authenticate if the
>> credentials aren't satisfactory.
>>
>> --
>> Daniel Egeberg
>>
>
> I'll do some more digging. Would the LDAP authentication be happening from
> apache or from within PHP? The user only sees a username and password dialog.
> If they hit cancel, they get the "Access denied" which I was assuming was
> from this bit of code.
>
> Mike
if it's ldap then most likely you should check the sites apache config
file (apache-dir/sites-available) or .htaccess for something like..
<Location />
AuthType Basic
AuthName "***"
AuthBasicProvider ldap
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
