[英]NTLM authentification is not working in Apache/PHP
那是什么故事
我想在Apache中啟用NTLM身份驗證,並且已經安裝了ntlm庫(mod_auth_ntlm),安裝了必要的VS可再發行組件,並將以下字符串放置到httpd.conf中
LoadModule auth_ntlm_module modules/mod_authn_ntlm.so
<Location /test >
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMOfferBasic off
<RequireAll>
<RequireAny>
Require valid-user
</RequireAny>
</RequireAll>
</Location>
啟動phpinfo-並且沒有像REMOTE_USER這樣的變量,但是ntlm庫已成功加載
除/ test文件夾外,均可訪問Web服務器上的任何文件夾-它僅返回錯誤500 Apache error.log具有以下字符串:
[Wed Feb 24 14:54:46.231132 2016] [authn_core:error] [pid 668:tid 1776] [client 10.16.66.19:53872] AH01796: AuthType NTLM configured without corresponding module
那么,有什么收獲呢? 還有其他可能性嗎?
找到解決方案!
不過,它不是NTLM庫,而是SSPI(mod-authn-sspi)
下載正確版本的SSPI庫(對於Apache 2.4,應為mod_authnz_sspi)
將.so文件解壓縮並將其放入Apache / modules目錄
LoadModule authnz_sspi_module modules/mod_authnz_sspi.so <Directory "/test"> AllowOverride None Options None Order allow,deny Allow from all AuthType SSPI SSPIAuth On SSPIAuthoritative On SSPIDomain KL Require valid-user </Directory>
AuthName "authoriz" AuthType SSPI SSPIAuth On SSPIAuthoritative On require valid-user
當然,您可以更改AuthName
<?php $cred = explode('\\\\',$_SERVER['REMOTE_USER']); if (count($cred) == 1) array_unshift($cred, "(no domain info - perhaps SSPIOmitDomain is On)"); list($domain, $user) = $cred; echo "You appear to be user <B>$user</B><BR/>"; echo "logged into the Windows NT domain <B>$domain</B>"; ?>
應該管用!
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.