堆栈内存溢出
  简体   繁体   English

SSO身份验证-Apache / PHP / ActiveDirectory

[英]SSO Authentication - Apache/PHP/ActiveDirectory

 原文  2013-09-23 11:30:56       php/ apache/ authentication

问题描述

I want to make an intranet with SSO Authentication through Active Directory. 我想通过Active Directory建立具有SSO身份验证的Intranet。 I searched about and I found maybe two ways : 我搜寻了一下,发现也许有两种方法:

  1. Using the apache module mod_authnz_sspi . 使用apache模块mod_authnz_sspi I can get the username and the domain but it seems there is no authentication. 我可以获取用户名和域,但似乎没有身份验证。 Maybe I don't really get it... 也许我不太了解...

    Here my apache conf for this module : 这是我的这个模块的Apache conf: 

    \n \n    AuthType SSPI AuthType SSPI\n    SSPIAuth On SSPIAuth开\n    SSPIAuthoritative On SSPI授权开启\n    SSPIOfferBasic On SSPIOfferBasic开\n    SSPIOmitDomain Off SSPIOmitDomain关闭\n    SSPIDomain MyDOMAIN SSPIDomain MyDOMAIN\n    Require valid-user 需要有效用户\n\n

    So I guess the "connection" is not really safe... 所以我猜“连接”并不是很安全...

  2. Using the apache module mod_authnz_ldap but I can't make it works well... 使用apache模块mod_authnz_ldap但我不能使其正常工作...

    Here my apache conf for this module : 这是我的这个模块的Apache conf: 

     \n   \n   AuthName "LDAP Authentication" AuthName“ LDAP身份验证”\n   AuthType Basic AuthType基本\n   AuthBasicProvider ldap AuthBasicProvider ldap\n   AuthLDAPBindAuthoritative off AuthLDAPBindAuthoritative关闭\n   AuthLDAPURL "ldap://ad.server.fr:389/DC=server,DC=local?sAMAccountName?sub?(objectClass=person)" NONE AuthLDAPURL“ ldap://ad.server.fr:389 / DC = server,DC = local?sAMAccountName?sub?(objectClass = person)”无\n   AuthLDAPBindDN ldap@server.local AuthLDAPBindDN ldap@server.local\n   AuthLDAPBindPassword password AuthLDAPBindPassword密码\n   AuthLDAPRemoteUserAttribute on AuthLDAPRemoteUserAttribute在\n   LDAPReferrals Off LDAPReferrals关闭\n\n

    I got this error LDAP: SSL support unavailable: LDAP: CA certificates cannot be set using this method, as they are stored in the registry instead. 我收到此错误LDAP: SSL support unavailable: LDAP: CA certificates cannot be set using this method, as they are stored in the registry instead. but I don't want to use SSL for the connection... 但我不想使用SSL进行连接...

    Actually I don't really get how this works. 其实我不太了解它是如何工作的。 My active directory doesn't get connection from my apache or just maybe anonymous. 我的活动目录无法从我的Apache获得连接,或者可能是匿名的。

Now I don't know how to make a SSO Authentication on my intranet. 现在,我不知道如何在我的Intranet上进行SSO身份验证。 Which way is better ? 哪种方法更好? Is there another one ? 还有另一个吗?

I use wamp ( for windows ) with apache 2.4.4. 我在Apache 2.4.4中使用wamp( 用于Windows )。

1 个解决方案

解决方案1
 1  2013-10-09 01:46:23

I use apache 2.4.4, on windows xp, with mod_authnz_sspi and the following works for me for people using IE8. 我在Windows XP上使用apache 2.4.4和mod_authnz_sspi,以下内容适用于使用IE8的用户。 But i'm not using PHP. 但是我没有使用PHP。 Using Django. 使用Django。 

<Location "/k/">
    AuthName "Something"
    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain "COMPANY"
    SSPIUsernameCase "upper" 
    require valid-user
    SSPIPerRequestAuth Off
    require user "NT AUTHORITY\ANONYMOUS LOGON" denied
</Location>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 单点登录(SSO)如何与PHP + Apache一起针对Active Directory进行透明身份验证? - How does single sign-on (SSO) work with PHP + Apache against an Active Directory for transparent authentication? 需要借助 Windows 身份验证在 PHP 中集成 SSO - Need to integrate SSO in PHP with the help of Windows authentication PHP-说明我的SSO身份验证所需的步骤 - PHP - Explain steps needed for my SSO authentication php应用程序中的Google SAML APP SSO身份验证 - Google SAML APP SSO authentication in php application Apache2 PHP SSO与Active Directory - Apache2 PHP SSO with Active Directory PHP Apache NTLM身份验证替代 - PHP Apache NTLM Authentication Alternate Laravel 5:Apache php http认证 - Laravel 5: Apache php http authentication 在PHP + Apache上使用摘要式身份验证 - Using Digest Authentication with PHP + Apache 通过 PHP 进行动态 Apache 身份验证 - Dynamic Apache authentication via PHP 如何在使用 apache 2.4 的 php 编写的网站中使用 SSO? - How to use SSO in a php written website with apache 2.4?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM