How do I retrieve the user information of a user authenticated with Apache's mod_ldap?

前端 未结 2 763
我寻月下人不归
我寻月下人不归 2021-01-15 04:20

I have LDAP authentication working with Apache. Now I need to know how I can get what user logged in with PHP. Is it even possible? Do I have to do the authentication in PHP

2条回答
  •  一向
    一向 (楼主)
    2021-01-15 04:56

    If you activate the mod_authnz_ldap module and configure your section like this:

    
        AuthName "LDAP Secured"
        AuthType Basic
        AuthLDAPUrl "ldap://your.ldap.server:389/dc=example,dc=com?sAMAccountName"
        AuthLDAPBindDN "ADUser@ADDomain.local"
        AuthLDAPBindPassword "secret"
        AuthBasicProvider ldap
        AuthzLDAPAuthoritative off
        Require valid-user
    
    

    Then in your PHP code you can obtain the user ID that was used to log in like this:

    Any LDAP attribute that you specify in the AuthLDAPUrl directive can be obtained this way (prefix it with AUTHENTICATE_ and then append the attribute name in all uppercase). You can add more attributes by separating them with commas, but only the first one will be used for authentication. See http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#exposed and http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#authldapurl for further details.

提交回复
热议问题