PHP Kerberos: Check for valid ticket/Access the ticket
Question
We have an apache2-server using Kerberos for website-authentication via Active Directory. On the website i use the Drupal-Framework and the unsupported "Kerberos Authentication"-Module ( https://www.drupal.org/project/kerberos_authentication ).
When a user wants to access the Website, she/he has to do the following:
- Open the browser & navigate to the website
- A popup appears asking for Kerberos/AD credentials. (
)
- Enter AD credentials
- Being allowed to proceed to the drupal-website.
- Access the website
The problem is in Part 5: The user still needs to fill in the login-form to get logged into drupal. The AD username and password are working here thanks to the Drupal-Kerberos-Module. But this forfeits Kerberos in the first place, since the users have to enter their credentials more than once.
How can i access the ticket the user was granted/that is stored in the browser (or wherever it is stored) using php? Or how to check if a user as a valid Kerberos ticket so that the user does not have to enter his login data twice and gets logged into drupal automatically, using php? (I am aware that this could require me to write my own drupal module)
1 answers
solution1
1 ACCPTED 2014-10-30 13:20:06
Tangential to your question - though I've never managed to properly configure the module you mention, I've had great luck with the LDAP module. It also includes a submodule for SSO, which does exactly what you want, but using the Drupal login form as a fallback instead of the (in my opinion, ugly) popup shown in your example.
I hope this is helpful to you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.