How to perform single point authentication with php, apache and LDAP
I have this senario. We have an application server that contains several web applications that our users use. Our users and groups are stored in the OpenLDAP database. Access to these apps is limited by group.
Now what I would like to do is that when the user clicks on the server ( http: // server / ), the main web application is displayed forcing the user to login with the LDAP server. Authentication displays a list of applications that the user has access to. They use this list to navigate to the desired application.
Users cannot go directly to the app, for example. http: // server / someapp , if not logged in, the Apache server is redirected to the server root.
Is it possible to authenticate a user in a web application and use that authentication for apache to authorize in other applications hosted on the server?
The apache dialog is something we can't go back to, do you think it confuses our users?!?!
If above is not possible, any other suggestions would be really helpful.
Many thanks.
It might help, I tried doing something like this before as a test setup but alas it didn't get far, this one how to
should shine some light as it goes through the directory permissions
http://www.opensourcehowto.org/how-to/apache/setup-apache2-with-openldap-authentication.html mod_auth_ldap http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html
You will need in your The Authorization Phase
check against their respective group access and this will be installed in each .htaccess
file folder
EDIT: I found you a PHP form link: http://www.phpbuilder.com/board/showthread.php?t=10257921 Try this, user has PHP certifying it (if you choose to use that language).