堆栈内存溢出
  简体   繁体   English

PHP Kerberos:检查有效票证/访问票证

[英]PHP Kerberos: Check for valid ticket/Access the ticket

 原文  2014-10-29 16:16:06       php/ drupal/ drupal-7/ kerberos/ mit-kerberos

问题描述

We have an apache2-server using Kerberos for website-authentication via Active Directory. 我们有一台使用Kerberos的apache2-server,用于通过Active Directory进行网站身份验证。 On the website i use the Drupal-Framework and the unsupported "Kerberos Authentication"-Module ( https://www.drupal.org/project/kerberos_authentication ). 在网站上,我使用了Drupal框架和不受支持的“ Kerberos身份验证”模块( https://www.drupal.org/project/kerberos_authentication )。

When a user wants to access the Website, she/he has to do the following: 当用户想要访问网站时,他/他必须执行以下操作:

  1. Open the browser & navigate to the website 打开浏览器并导航到网站
  2. A popup appears asking for Kerberos/AD credentials. 出现一个弹出窗口,要求提供Kerberos / AD凭据。 ( 在此处输入图片说明 )
  3. Enter AD credentials 输入广告凭据
  4. Being allowed to proceed to the drupal-website. 被允许进入drupal网站。
  5. Access the website 访问网站

The problem is in Part 5: The user still needs to fill in the login-form to get logged into drupal. 问题出在第5部分:用户仍然需要填写登录表单以登录Drupal。 The AD username and password are working here thanks to the Drupal-Kerberos-Module. 多亏了Drupal-Kerberos-Module,AD用户名和密码才能在这里工作。 But this forfeits Kerberos in the first place, since the users have to enter their credentials more than once. 但是,这首先就取消了Kerberos,因为用户必须多次输入其凭据。

How can i access the ticket the user was granted/that is stored in the browser (or wherever it is stored) using php? 我如何使用php访问被授予/存储在浏览器中(或存储在任何地方)的用户票证​​? Or how to check if a user as a valid Kerberos ticket so that the user does not have to enter his login data twice and gets logged into drupal automatically, using php? 或者如何检查用户是否为有效的Kerberos票证,以便该用户不必使用php两次输入其登录数据并自动登录到drupal? (I am aware that this could require me to write my own drupal module) (我知道这可能需要我编写自己的drupal模块)

1 个解决方案

解决方案1
 1 已采纳  2014-10-30 13:20:06

Tangential to your question - though I've never managed to properly configure the module you mention, I've had great luck with the LDAP module. 与您的问题相切-尽管我从未设法正确配置您提到的模块,但我对LDAP模块感到很幸运。 It also includes a submodule for SSO, which does exactly what you want, but using the Drupal login form as a fallback instead of the (in my opinion, ugly) popup shown in your example. 它还包括一个SSO子模块,它可以完全满足您的要求,但是使用Drupal登录表单作为后备,而不是示例中显示的(我认为是丑陋的)弹出窗口。

I hope this is helpful to you. 希望对您有帮助。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无密码 LDAP 登录并在 PHP 中使用 Kerberos 票证获取用户信息 - passwordless LDAP login and get user information using Kerberos ticket in PHP 限制用户的票证访问 - Restricting ticket access to user PHP票证ID生成 - PHP Ticket ID Generation Tableau使用PHP获取门票 - Tableau get ticket with PHP PHP号码票系统? - PHP Number Ticket System? php 漏洞中的票务系统 - Ticket system in php vulnerabilities WooCommerce票房-如何检查产品是否为机票PHP - WooCommerce Box Office - How to Check if Product is a Ticket PHP 需要PHP票务系统源码 - Need PHP ticket system Source 带有 PHP 的 Tableau 可信身份验证票证 - Tableau Trusted Authentication Ticket with PHP PHP彩票门票选手 - PHP Lottery Ticket winner picker
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM