LDAP 身份驗證不起作用 PHP
[英]LDAP Authentication is not working PHP
問題描述
我正在嘗試進行 LDAP 身份驗證,但我被卡住了。 我不知道如何繼續。
我在互聯網上找到了這段代碼並進行了一些編輯。 問題是這不會提示任何內容。 我不確定這是否有效。 有人能幫我嗎? 我不確定,但我猜連接和綁定功能有效。
感謝幫助
<?php
$server = "127.0.0.1";
$basedn = "ou=people,dc=nodomain";
$script = $_SERVER['SCRIPT_NAME'];
if (isset($HTTP_COOKIE_VARS['cookie'])) {
$cookie = $HTTP_COOKIE_VARS['cookie'];
}
if (isset($cookie)) {
$username = $cookie['user'];
$password = ($cookie['token']);
$fullname = $cookie['fullname'];
$fqdn = $cookie['fqdn'];
$dn = "uid=$username, ";
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
if (!($bind = ldap_bind($connect, "$dn" . "$basedn", $password))) {
die("Could not bind to $dn$basedn");
}
} else {
if ((isset($_POST['username'])) && (isset($_POST['password']))) {
$username = $_POST['username'];
$password = $_POST['password'];
$filter = "(&(|(!(displayname=Administrator*))(!
(displayname=Admin*)))(cn=$username))";
$dn = "uid=$username, ";
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!($bind = ldap_bind($connect, "$dn" . "$basedn",
$password))) {
die("Could not bind to $dn --- $connect");
}
$sr = ldap_search($connect, $basedn, "$filter");
$info = ldap_get_entries($connect, $sr);
$fullname = $info[0]["displayname"][0];
$fqdn = $info[0]["dn"];
setcookie("cookie[user]", $username);
setcookie("cookie[token]", $password);
setcookie("cookie[fullname]", $fullname);
setcookie("cookie[fqdn]", $fqdn);
} else {
?>
<html>
<head>
<title>OTP Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="expires" content="0">
<meta http-equiv="pragma" content="no-cache">
</head>
<SCRIPT LANGUAGE="JavaScript">
<!--
document.onmousedown=click;
function click()
{
if (event.button==2) {alert('Right-clicking has been
disabled by
the administrator.');}
}
//-->
</SCRIPT>
<div align="center">
<form method="post" action="<? echo $script; ?>">
<div align="center">
<table width="210" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center">
<fieldset>
<Legend><font face="Verdana,Tahoma,Arial,sans-serif" size="1"
color="gray">Enter Credentials</font></Legend>
<table border="0" cellspacing="3" cellpadding="0">
<tr>
<td align="right" valign="middle"><b><font
face="Verdana,Tahoma,Arial,sans-
serif" size="1" color="gray">Username:</font></td>
<td align="center" valign="middle">
<input class="clear" type="text" size="15" name="username">
</td>
</tr>
<tr>
<td align="right" valign="middle"><b><font
face="Verdana,Tahoma,Arial,sans-
serif" size="1" color="gray">Password:</font></td>
<td align="center" valign="middle">
<input class="pass" type="password" size="15"
name="password">
</td>
</tr>
</table>
<input type=image src="images/login.gif" alt="Login"
name="image">
<br>
</div>
</td>
</tr>
</fieldset>
</table>
<br>
<table width="640"><tr><td align="center">
<font face="Verdana,Tahoma,Arial,sans-serif" size="1"
color="silver">This System is
for the use of authorized users only. Please enter your username and password as well as your OTP</font>
</td></tr></table>
</div>
</form>
</div>
</body>
</html>
<?
die ();
}
}
$>
1 個解決方案
解決方案1
0 2011-06-06 09:56:07
將密碼存儲在 cookie 中通常是一個壞主意,應該從您的代碼中刪除。
編碼:
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!($bind = ldap_bind($connect, "$dn" . "$basedn",
$password))) {
die("Could not bind to $dn --- $connect");
}
是什么在做你的身份驗證,應該是有效的。 雖然如果綁定失敗,死亡有點苛刻,因為這意味着身份驗證被拒絕。 我寧願 output 一些文字說登錄不正確。
PHP LDAP身份驗證不起作用
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.