Jump to content

Archived

This topic is now archived and is closed to further replies.

brayann36

PHP authentication using LDAP

Recommended Posts

Hey fellas , 

I was clueless about LDAP AND AD when i was told to create a login page for my web-app and check authentication with AD server . After searching through , i came to know what this LDAP is all about .
i need to get started with it , so i have a email feild and password . All worstations at my workplace have access to that server , as we use it to log on to the system . I need to use the same mechnism in my
login page . 

please Help me , how to get started with it , what all things will be necessary .
This article will be a great help to not only me but to all new PHP developers because somewhere down the line everyone is going to need this . 

P.S. I have the host name and port of the server where all login details are present i need some php class and tweaks in it to access it on hitting the login button .

Thanks .

Share this post


Link to post
Share on other sites

A Google search with your thread's title yields quite a few resources.

 

 

 

everyone is going to need this

 

Not everyone. A relatively small subset of PHP developers will need to authenticate via LDAP.

Share this post


Link to post
Share on other sites

My school network uses LDAP on a Squid server if I'm not mistaken...

 

I can ask for some help, I guess?

Share this post


Link to post
Share on other sites

I guess I was being misunderstood...

 

I could ask my school's sysadmin for help, that's what I meant to say.

Share this post


Link to post
Share on other sites

Basic steps will be to open a connection to the LDAP server, this is done with ldap_connect(), this does not require authentication. Next you will bind to the LDAP directory, this step is when you will check the information your user provided. Use the ldap_bind() function, this will return true if the credentials provided by your user are valid and false if they are not. Please note that on the username at lease when I worked with this (Windows Active Directory) did require the name of the domain in front of the username (i.e domainName\userName). If you want to go further and make sure the user is a member of a group that is allowed to access the application you can search for the user object using ldap_search() and ldap_get_entries() and check the memberof attribute for the group. If all of the tests pass do what you would do during any other authentication method, set session and or cookie variables maybe update a database or log. Make sure the if the LDAP bind was successful you call the ldap_unbind() function after you have collected your user information from the directory.

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.