0

We are trying to modify our intranet web applications, Every individual user to be use their own & only one username and password log-in authentication to log-in to all intranet web applications.

For that we try to use their local windows /linux system username and password .

Once user logged in to their system he/she can able to access all intranet web application directly once he/she browse the web application. He/she no need to log-in each and every time for each and every intranet web application .

I read many articles (one ,two ,three,four and so ..) but I could not understand how am I get local windows/linux system username and password those who logged in to that system by using PHP ,at least username alone is more enough.

I tried <?php echo getenv("username"); ?> this but its shows blank.

Please give me a solution .Please don't reject this question .

Thanks in advance for your answers and comments.

Community
  • 1
  • 1
tip_top
  • 57
  • 1
  • 10

2 Answers2

2

Short Answer: You can't get the local users machine-loginname on the server side. It would be a security-flaw!

Long Answer: You can use PHP to query your companies LDAP whether a username and a passwort given in a loginform match and use that information to authenticate that user for a given service. Thats a one password for everything-policy.

But as far as I understand you, you want a SingleSignOn-Policy (SSO) so that the user sitting at it's client doesn't even need to provide her credentials when accessing a website. This can only be achieved using a different toolchain that handles 'tickets' and such things. Such a Toolchain would be Kerberos which is used by Microsofts ActiveDirectory or Apples OpenDirectory. This toolchain can use LDAP as backend to store it's passwords.

But using Kerberos is everything else than easy. The WebServer providing your intranet-services has to be kerberized so that it can handle tickets it gets from the kerberos-server.

You should look into that diretion. Try Kerberos or SSO as search-strings in your favourite search-engine.

heiglandreas
  • 3,803
  • 1
  • 17
  • 23
  • we can get username of local machine using dotnet language is n't it ? – tip_top Apr 05 '13 at 11:32
  • Sorry I did not understand could you please explain me better ? – tip_top Apr 05 '13 at 11:39
  • For example, we have 6 php web application .In our company we are 500 employees are working each and every employee has to access all the web app using their local system log-in username and common password.They need not to log-in again.But Some of employees/users have different credential than other. Please help me how can I solve using PHP – tip_top Apr 05 '13 at 11:45
  • I have no idea what you can do in .NET - but as long as it's a server-sided language you have little possibilities to get informations on what user is logged in at the client. To give you more details we would need more informations about your setup. Which Browsers are you using, which server is the PHP-code running on (Apache, IIS, nginx, lighttpd to name a few) etc. – heiglandreas Apr 05 '13 at 14:12
0

You must authenticate with LDAP in your PHP.

Steps:

1) Make a login form 2) Receive the input and compare with your database (through ldap). 3) If its OK, start a session with PHP, save a Cookie. 4) use session_start() in all your sites, so you can get the session info.

Cookies can only be used by sites that created it, so you should have your intranet in the same domain or save this info in a database.

PHP will not get your system variables like you posted, PHP is not integrated in any OS, it's like any programming language, you build what you want.

JorgeeFG
  • 5,651
  • 12
  • 59
  • 92
  • or else is there any other language will do this except PHP ? – tip_top Apr 04 '13 at 13:31
  • I don't know, maybe C# and .Net that are from Microsoft and .Net is more integrated into Windows but I couldn't tell you because I didn't use it. Also, it's for creating Desktop Apps not Web apps. It's not hard to authenticate against Active Directory or OpenLdap from PHP. – JorgeeFG Apr 04 '13 at 13:53