You're after NTLM support.  There's a module floating around out there
named 'mod_auth_sspi' that does this, although it can be a bit hard to
track down (see
http://www.gknw.at/development/apache/httpd-2.0/win32/modules/).

Once loaded, set up a directive like this:

<IfModule mod_auth_sspi.c>
    Alias /foo "C:/bar/foo"
    <Location /foo-auth>
        AuthName "Please Enter Your Logon Details"
        AuthType SSPI
        SSPIAuth On
        SSPIAuthoritative On
        SSPIOfferBasic On
        SSPIBasicPreferred Off
        require valid-user
    </Location>
</IfModule>

By default, if the user uses IE, it'll automatically pick their details
up without requiring them to log in.  If they're using Firefox or some
other browser that doesn't support NTLM, they'll have to log in manually
with their Windows domain credentials.

I've only ever used this from a Perl handler, so I'm not entirely sure
exactly what it sets in the request (perhaps someone could
clarify?), but from the Perl handler, the login name was accessible from
$r->user().  Note that the format includes the domain as well, i.e.
'LIME\tnelson'.

Actually, I'd be interested to hear if anyone used this in conjunction
with mod_jk, such that the user's Windows domain login name was
available by the time it got to a servlet via
request.getUserPrincipalName() or something.  Anyone done that?  The
"Java" approach for enabling NTLM support w/ Tomcat directly seems
nasty.


        Trent.


________________________________

        From: Sergio Stateri [mailto:[EMAIL PROTECTED] 
        Sent: 12 April 2006 21:37
        To: dev@httpd.apache.org
        Subject: Integrated Authentication
        
        

           Hi,
        
           Is there any way to make Apache HTTP Server recognize the
           users of the Operating System and put them in a System
           Variable, like IIS with Integrated Authentication? (IIS puts
           the Windows logged-in user in the REMOTE_USER CGI variable.)
        
           thanks in advance for any help,
        
           Sergio Stateri Jr.
           [EMAIL PROTECTED]
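
An added example, not part of the original messages and not code from mod_auth_sspi: one way an application behind the configuration above could validate the 'DOMAIN\user' value it receives in REMOTE_USER before using it for authorization. The trusted-domain set, the account-name pattern and the function names are assumptions made for illustration.

```python
import re

# Assumption: the NetBIOS domain(s) this application trusts, in upper case
# (constructed sample value taken from the 'LIME\tnelson' example).
TRUSTED_DOMAINS = frozenset({"LIME"})

# Assumption: a conservative allowlist for account names; widen it only if
# your directory really uses other characters.
_ACCOUNT_RE = re.compile(r"[a-z0-9._-]{1,64}")


class RemoteUserError(ValueError):
    """REMOTE_USER was missing or not in the expected DOMAIN\\user form."""


def parse_remote_user(raw, trusted_domains=TRUSTED_DOMAINS):
    """Return (DOMAIN, account) for a value such as LIME\\tnelson."""
    if not raw:
        raise RemoteUserError("REMOTE_USER not set: request is unauthenticated")
    # A tab here usually means someone wrote "LIME\tnelson" in a double-quoted
    # literal; reject control characters rather than guess.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in raw):
        raise RemoteUserError("control character in REMOTE_USER")
    domain, sep, account = raw.partition("\\")
    if not sep or not domain or "\\" in account:
        raise RemoteUserError("expected exactly one DOMAIN\\user separator")
    # Windows domain and account names are case-insensitive, so normalise
    # before comparing them or using them as keys.
    domain, account = domain.upper(), account.lower()
    if domain not in trusted_domains:
        raise RemoteUserError("untrusted domain")
    if not _ACCOUNT_RE.fullmatch(account):
        raise RemoteUserError("unexpected characters in account name")
    return domain, account


def current_user(environ):
    """Read the identity from a CGI/WSGI-style environment mapping."""
    return parse_remote_user(environ.get("REMOTE_USER", ""))
```

Because `SSPIOfferBasic On` lets non-NTLM browsers fall back to Basic authentication, the same check should sit behind TLS so that those credentials are not sent in the clear.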
        
