0

Using PHP, I have implemented Basic Authentication as follows:

if ((isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER']=='') || (isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW']=='')) {
    header('WWW-Authenticate: Basic realm="Authentification"');
    $UsrId = $objLDAP->authenticateUser();
    die();
} elseif (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
    $UsrId = $objLDAP->authenticateUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}else{ 
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo '<script>window.location.reload();</script>';
    //$UsrId = $objLDAP->authenticateUser();
    //$smarty->display($templates['budWithoutAnyAccess']);
    die();
}
if ($pUser){
 //coding
}else{
    header('HTTP/1.1 401 Authorization Required');
    header('WWW-Authenticate: Basic realm="Access denied"');
    $UsrId = $objLDAP->authenticateUser();
}

It opens up the login popup.

If user provides the wrong credentials, I can show error message on page but on page re-fresh it should open the Authentication login pop-up as well.

On cancel also, I want to show message and on refresh, it should open the Authentication login pop-up.

How can I do that?

Thank you, Trupti

Trupti
  • 843
  • 2
  • 11
  • 28
  • Have you checked the examples in [the manual](https://www.php.net/manual/en/features.http-auth.php) and made any attempts? – M. Eriksson Feb 19 '20 at 12:40
  • Try this. https://stackoverflow.com/questions/4150507/how-can-i-use-basic-http-authentication-in-php – sumant Feb 19 '20 at 12:45
  • @MagnusEriksson yes. I tried that example. Once you hit sign-in button, it doesn't open up the login pop-up. I want it to open the pop-up on page re-fresh. – Trupti Feb 19 '20 at 12:52
  • @sumant, I want to open the login pop-up if user clicks on cancel or gives wrong credentials. – Trupti Feb 19 '20 at 12:55
  • But you have more code than the above, right? Please show us what you have. It's hard to know what's going on from only the above two headers. – M. Eriksson Feb 19 '20 at 14:56
  • @MagnusEriksson, I have updated the question with code. – Trupti Feb 20 '20 at 05:25

1 Answers1

-1

Please check this! 

 if (!isset($_SERVER['PHP_AUTH_USER']))
    {
        header('WWW-Authenticate: Basic realm="Sally Port"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Click <a href="login.php">here</a> to reload';
        exit;
    }

    if(checkLDAPUser($ldapServername))
    {
        // If ldap authentican is successful then redirect the user to gateway.php
        header("location:gateway.php");
    }
    else
    {
        //Clear global variables.
        unset($_SERVER['PHP_AUTH_USER']);
        unset($_SERVER['PHP_AUTH_PW']);

    //  If the password is incorrect, show popup until the password is correct.
        while(checkLDAPUser($ldapServername)!=1)
        {
            unset($_SERVER['PHP_AUTH_USER']);
            unset($_SERVER['PHP_AUTH_PW']);
            header('WWW-Authenticate: Basic realm="Sally Port"');
            header('HTTP/1.0 401 Unauthorized');
            echo 'Click <a href="login.php">here</a> to reload';
            exit;
        }
    }
function checkLDAPUser($ldapServername)
{
    $username=$_SERVER['PHP_AUTH_USER'];
    $password=$_SERVER['PHP_AUTH_PW'];

    //$adServer = "ldap.".$ldapServername.".com";
    $adServer = "ldap://bchq-dc-v1.blackcreek.local";
    $ldap = ldap_connect($adServer);
if($ldap)
{WriteLog("LDAP connected");

}
else
{WriteLog("LDAP Failed");

}
    $ldaprdn = "cn=read-only-admin,dc=example,dc=com";
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    $bind = @ldap_bind($ldap, $ldaprdn, $password);             
    //Set up session if connect is successful.
    if($bind)
    {
        return 1;
    }
    else
    {console.log("LDAP Username and Passwords are incorrect");

        return 0;
    }
}
Mahesh
  • 371
  • 3
  • 11