如何在使用 apache 2.4 的 php 编写的网站中使用 SSO?
[英]How to use SSO in a php written website with apache 2.4?
问题描述
I am an intern in a company and have to make an intranet for the company.
我是一家公司的实习生,要为公司做一个内网。 The difficulty for me is that i am very new to programming and don't really know how apache works.对我来说,困难在于我对编程非常陌生,并不真正了解 apache 是如何工作的。 The users don't want to log into the intranet (put the login and password) everytime they come on the site, they want them to be logged in without doing that.用户不想每次访问站点时都登录内联网(输入登录名和密码),他们希望他们无需登录即可登录。
All my users use Windows 7 (or higher), and i will write the intranet in php-sql, using apache server 2.4.我所有的用户都使用 Windows 7(或更高版本),我将使用 apache server 2.4 在 php-sql 中编写内网。
I want to know how i can connect the users by SSO using NTLM (because the authentification is done with Active Driectory, i would like the user to be connected automatically with their Windows login and password)?我想知道如何使用 NTLM 通过 SSO 连接用户(因为身份验证是使用 Active Driectory 完成的,我希望用户使用其 Windows 登录名和密码自动连接)? What is the apache module for that and how do i proceed ?什么是 apache 模块,我该如何进行? What Library do i use in PHP ?我在 PHP 中使用什么库?
I really am stuck at this point and can't seem to find a solution, please help me.我真的被困在这一点上,似乎无法找到解决方案,请帮助我。 I found some links that could help me but i don't understand what is the author saying.我找到了一些可以帮助我的链接,但我不明白作者在说什么。
Here are some links about the subjects :以下是有关主题的一些链接:
Actually i saw that this kind of question was already asked here ( How can I implement single sign-on (SSO) using Microsoft AD for an internal PHP app? ) but I don't get the solution, I would like someone to explain a little bit in detail as i said before i am very new to programming.实际上我看到这里已经有人问过这种问题( 如何使用 Microsoft AD 为内部 PHP 应用程序实现单点登录 (SSO)? )但我没有得到解决方案,我希望有人解释一下正如我之前所说,我对编程非常陌生。
1 个解决方案
解决方案1
0 2016-04-04 23:37:06
First of all using Apache is not necessary and will complicate things somewhat to do what you are trying to do, if you can use IIS server on one of your Windows servers you will be laughing.首先,使用 Apache 不是必需的,并且会使事情变得有些复杂,以完成您正在尝试做的事情,如果您可以在其中一台 Windows 服务器上使用 IIS 服务器,您会发笑。
- Install PHP on the IIS server在 IIS 服务器上安装 PHP
- Create a new website in IIS在 IIS 中创建一个新网站
- Set the new websites access to Windows Authentication and disable anonomouse access.将新网站访问权限设置为 Windows 身份验证并禁用匿名访问。
What this will do is configure IIS to authenticate the users against Active Directory, if they are on a Windows machine on the local network, already authenticated to the local domain, and the intranet is defined by GPO as a intranet site then the users Windows login details will be automatically passed and can be accessed in PHP using the $_SERVER superglobal.这将配置 IIS 以针对 Active Directory 对用户进行身份验证,如果他们在本地网络上的 Windows 机器上,已经通过本地域的身份验证,并且 Intranet 被 GPO 定义为 Intranet 站点,则用户 Windows 登录详细信息将自动传递,并且可以使用$_SERVER超全局变量在 PHP 中访问。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.