Jump to content

Search the Community

Showing results for tags 'mod_auth_sspi'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (PhpStorm, VS Code, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 1 result

  1. I have been trying for a while now to get mod_auth_sspi up and running to help run a Drupal Intranet. The Drupal LDAP modul and the Drupal SSO instructions https://drupal.org/node/1371478 have been followed. I am running a Uniform Server 8.12 - running apache 2.2 and php 5.3 mod_auth_sspi is installed on the modules, and referenced in httpd.conf file. The LDAP itself works, in that going to /user someone can log into their site using the company login details from their Active Directory. The test mechanism on Drupal also pulls through relevant information such as emails etc. However unfortunately I can't get them to authenticate automatically. The httpd.conf file also contains: # Virtual hosts Include conf/extra/httpd-vhosts.conf # Pass NTLM authentication to Apache LoadModule sspi_auth_module modules/mod_auth_sspi.so <IfModule !mod_auth_sspi.c> LoadModule sspi_auth_module modules/mod_auth_sspi.so </IfModule> Then the vhosts file contains NameVirtualHost intranet.example.co.uk <VirtualHost intranet.example.co.uk> DocumentRoot "C:/UniServer2/www" ServerName Intranet <directory "C:/UniServer2/www"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order Allow,Deny Allow from all </directory> <Location /intranet/user/login/sso> AuthType SSPI AuthName "Intranet" SSPIAuth On SSPIAuthoritative On ### The domain used to authenticate with LDAP; this should match the domain ### configured in the LDAP integration configuration within Drupal SSPIDomain xxx.xxx.x.x SSPIOmitDomain On SSPIOfferBasic On Require valid-user #SSPIBasicPreferred On #SSPIofferSSPI off </Location> </VirtualHost> For information intranet.example.co.uk has been replaced with name of company xxx.xxx.x.x is the IP of the Active Directory. Obviously I've replaced these bits for security reasons. Location is intranet/ because there is also another internal web application on the same server. However when I go the site I receive the error message: This happens at both intranet.example.co.uk and intranet.example.co.uk/user/login/sso The following error reports are logged by Drupal: So clearly Drupal isn't finding the remote user. Furthermore I have a simple whoami.php script running in cgi-bin. The code for this is: <html> <head> <title>whoami at <?php $_SERVER['SERVER_NAME']; ?> </title> </head> <body style='font-family:Verdana;font-size:-1'> <?php $cred = explode('\\',$_SERVER['REMOTE_USER']); if (count($cred) == 1) array_unshift($cred, "(no domain info - perhaps SSPIOmitDomain is On)"); list($domain, $user) = $cred; echo "You appear to be user <B>$user</B><BR/>"; echo "logged into the Windows NT domain <B>$domain</B>"; ?> </body> </html> This produced "You appear to be user" with no following text and "logged into the Windows NT domain (no domain info - perhaps SSPIOmitDomain is On)", suggesting that the server is also not picking up on the remote user. I haven't made any specific odd alterations to the server, so I am assuming the problem I am having must be one suffered by others using mod_auth_sspi. Couple of things it could be although my knowledge isn't enough to tell? I don't have Tomcat on the server. On the Apache wiki (http://wiki.apache.org/httpd/ModAuthSSPI) it says a common problem with mod_auth_sspi is that mod.jk isn't configured correctly. Mod.jk seems to be a file relevant to Tomcat - however I haven't seen Tomcat listed anywhere as a requirement for mod_auth_sspi? Something to do with htaccess? I've seen some mentioned of mod_auth_sspi and htaccess but nothing specific. However htaccess is the only place where I have done something vaguely unusual with the server as it has been configured to only allow people with the same IP address as the organisation to access the site (in other words only people in the offices can use it, and it can't be accessed from the outside). Any advice or steps that could be taken to debug this would be greatly appreciated as I seem to be going round in circles. Thanks.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.