堆栈内存溢出
  简体   繁体   English

如何从Active Directory填充Apache Server中的REMOTE_USER(与SSO相关)

[英]How to populate the REMOTE_USER in Apache Server from Active Directory (SSO related)

 原文  2014-08-15 20:32:48       php/ apache/ joomla/ single-sign-on

问题描述

I'm building an Intranet site for our company using Joomla 3.3.3. 我正在使用Joomla 3.3.3为我们的公司构建Intranet网站。

I have configured a VM to run using Ubuntu 14.04 with a standard LAMP stack. 我已将VM配置为使用具有标准LAMP堆栈的Ubuntu 14.04运行。 I have also installed Joomla which I was able to get working with our company Active Directory (users are able to log into the site from any machine on our network and Joomla recognizes them). 我还安装了Joomla,可以与我们公司的Active Directory一起使用(用户可以从我们网络上的任何计算机登录到该站点,并且Joomla可以识别它们)。

I am now trying to implement SSO so that our employees won't need to sign into the site if they're logged into their workstations, and through my troubleshooting, I've narrowed it down to the 'REMOTE_USER' variable not being populated by the APACHE server (The variable doesn't even appear on my phpinfo() page) 我现在正在尝试实施SSO,以便我们的员工在登录到工作站时无需登录该站点,通过我的故障排除,我将其范围缩小到了“ REMOTE_USER”变量,该变量未由APACHE服务器(该变量甚至没有出现在我的phpinfo()页面上)

I think I'm pretty knowledgeable working within Joomla and PHP, but my Apache server and Ubuntu skills are pretty weak. 我认为我在Joomla和PHP方面的知识渊博,但是我的Apache服务器和Ubuntu技能却很薄弱。

Do my users need to authenticate within the Apache server? 我的用户需要在Apache服务器中进行身份验证吗? I really just need the Windows machine to pass the Remote_User token to Joomla, but I'm at a loss as to how to do this within Ubuntu. 我真的只需要Windows计算机将Remote_User令牌传递给Joomla,但是我对如何在Ubuntu中执行此操作感到困惑。

1 个解决方案

解决方案1
 0  2016-04-01 23:57:05

The first step to this involves a change through group policy to add your Joomla site to the Intranet security group in internet explorer. 第一步涉及通过组策略进行更改,以将Joomla站点添加到Internet Explorer的Intranet安全组中。 Google Chrome and Firefox respect the IE security group settings. Google Chrome和Firefox尊重IE安全组设置。

Once you have done this whenever your user browses your site from a domain authenticated computer the browser will automatically send a user header with the already authenticated username, this can be accessed in PHP using the $_SERVER['PHP_AUTH_USER'] superglobal. 完成此操作后,只要您的用户从经过域验证的计算机上浏览您的站点,浏览器就会自动发送带有已经过身份验证的用户名的用户标头,可以使用$_SERVER['PHP_AUTH_USER']超全局变量在PHP中进行访问。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何用以CGI运行的PHP填充$ _SERVER ['Remote_User']变量? - How to populate $_SERVER['Remote_User'] variable with PHP running as CGI? 通过PHP在Apache中设置REMOTE_USER - Set REMOTE_USER in Apache via PHP 如何在不需要身份验证时从URL检索尝试的$ _SERVER ['REMOTE_USER'] - How to retrieve attempted $_SERVER['REMOTE_USER'] from URL when no authentication is required 用户组的等效$ _SERVER ['REMOTE_USER'] - Equivalent of $_SERVER['REMOTE_USER'] for user groups 可以欺骗$ _SERVER ['REMOTE_USER']吗? - Can $_SERVER['REMOTE_USER'] be spoofed? 从PHP / CakePHP访问REMOTE_USER - Accessing REMOTE_USER from PHP/CakePHP 使用php为apache日志设置REMOTE_USER - Setting REMOTE_USER for apache logs using php Apache2 PHP SSO与Active Directory - Apache2 PHP SSO with Active Directory 如何在PHP中设置时使REMOTE_USER棒? - How to make REMOTE_USER stick when set in PHP? 单点登录(SSO)如何与PHP + Apache一起针对Active Directory进行透明身份验证? - How does single sign-on (SSO) work with PHP + Apache against an Active Directory for transparent authentication?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM