Kerberos身份验证在PHP [英] Kerberos Authentication in PHP

问题描述

让我们只是假设，我不知道很多有关Kerberos - 只是基础知识

Let's just assume that I don't know much about Kerberos - just the basics.

我有...

• Debian的Linux 2.6的Web服务器
  
  
  
  • Apache 2.2的
    
    
    
    • mod_auth_kerb所/ 5.3
    
    
    • PHP / 5.2
    
    
    
    
    • 火狐3
    
    
    • 在麻省理工学院网络标识管理器标识user@EXAMPLE.COM的记录
    
    

    我如何使用这些信息在一个PHP脚本，这样我不需要登录到该网站，如果游客有Kerberos票据这样呢？我不想Apache来处理身份验证。我需要找出哪些用户访问通过PHP站点。

    How do I use this information in a PHP script so that I don't need to log in to the website if the visitor has a kerberos ticket like that? I don't want Apache to handle the authentication. I need to find out which user is accessing the site via PHP.

    这可能吗？如果是这样的：如何

    Is that possible? If so: How?

    我迄今发现：我对使能在Firefox 域。

    What I have found out so far: I have to "enable" the domain in Firefox.

    不过仅此而已......

    However that's about it...

    推荐答案

    我不知道这是否会帮助，但它看起来像Apache将发送PHP的用户名信息用的 KrbSaveCredentials 参数保存相对=nofollow> modauthkerb 包。你应该得到两个全局变量在PHP中：

    I'm not sure if this will help, but it looks like Apache will send PHP the username information with the modauthkerb package if you use the KrbSaveCredentials parameter. You should get two global variables in php:

     $_SERVER['REMOTE_USER']
     $_SERVER['KRB5CCNAME']
    

    http://archives.postgresql.org/pgsql-admin/ 2004-08 / msg00144.php 看起来他们已经得到了这个工作。

    http://archives.postgresql.org/pgsql-admin/2004-08/msg00144.php looks like they have got this working.

    如果你可以看到用户是这样的话，它真的不是一个要求，即实际PHP并认证。

    That way if you can see what the user is, it really isn't a requirement that php actually does the authentication.

    这篇关于Kerberos身份验证在PHP的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！