|
|
 Michael - 2006-06-19 20:48:12 - In reply to message 10 from Manuel LemosSorry, but I do not understand what you mean. I am doing print_r on $_SERVER and $_REQUEST to see what info is returned/passed to/from the auth process. I did not see the same ones as are passed using SSPI under apache/Windows.
I am not sure what you mean about HTTP. Like i said, I am using your test script with changes to the necessary vars to access Squid and to print out the results. Other that that I do not understand what needs to be done. The docs are not clear so I was counting on your test script to get me connected and then I would cut and paste what was needed to get it going in the actual script.
What is it that I need to do? I have your test script and the http.php class script. What do I need to include or alter to make this work? This is an important project that I am getting behind on so I do need to move forward.
Thanks.
Mike
 Manuel Lemos - 2006-06-19 21:34:57 - In reply to message 11 from MichaelFrom what you have presented, there is no proxy HTTP authentication involved.
It seems that the server that you want to access presents a page with a login form that you must fill to login and have access.
You can use the class to emulate the form submission, collect session cookies and handle redirection. Take a look at the test_http_cookies.php example.
Michael - 2006-06-19 21:55:06 - In reply to message 12 from Manuel LemosThe requirement is that the userid be authenticated against the domain (ADS). So I do have to go against the domain (using NTLM). What do I need to change to make this work? Or do I need to seek another way of doing it?
Thanks.
Mike
Michael - 2006-06-19 21:55:32 - In reply to message 12 from Manuel LemosThe requirement is that the userid be authenticated against the domain (ADS). So I do have to go against the domain (using NTLM). What do I need to change to make this work? Or do I need to seek another way of doing it?
Thanks.
Mike
Manuel Lemos - 2006-06-20 00:43:51 - In reply to message 13 from MichaelIt does not matter how the user is authenticated by the server.
What you need to do is to submit an HTTP request that emulates the form submission, like in the test_http_cookies.php .
If you have difficulties, just let me know what is the site you want to access, if I can access it from the Internet.
Michael - 2006-06-20 14:42:28 - In reply to message 15 from Manuel LemosSo in order to actually "force" authentication, I have to actually try to go to a URL that is protected? As I am sure you can tell, I am new at this and NTLM (and security) is not my specialty.
I downloaded the test_http_cookies.php but could not get it to work. The website is internal because it is still being set up. It is a slightly reworked website of the current website that will be used until the recreated website is completed. That is going to be a couple of months.
I found some infomation on how to use ntlm_auth which is part of Samba. I was able to get that working this morning. So I am going to use that for now to get the website up and running. As I recreate the website from scratch, I will either use the same process unless I find something easier to use. One of these days I will delve into security but for now that is someone's job that I can use when I really need to.
Thanks for your help. I may give this a try again later when I have more time and no pending deadline.
Mike
Manuel Lemos - 2006-06-20 23:14:15 - In reply to message 16 from MichaelI think there is some confusion. If you want to require the users of your site to use NTLM, you need to use a NTLM authentication extension for your Web server.
The SASL library for now is just for accessing sites that already require some kind of authentication. So, it is a (HTTP) client side library not a server side thing.
Michael - 2006-06-21 11:29:58 - In reply to message 17 from Manuel LemosOh, okay. Now I understand.
Thanks.
Mike
|
