How does single sign-on (SSO) work with PHP + Apache against an Active Directory for transparent authentication?

Question

I need to get more understanding about SSO on a web app against Active Directory.

For simply ask the user the login to authenticate on AD, I know that I can use some lib

Answer 1

Single-Sign-On and Shared-Authentication are related, but different, concepts. I think you may be confusing them. If you want true SSO, look in to CAS.

LDAP and AD are protocols for storing users and organisation data. They are not useful for doing the actual authentication over web, but you can use them behind an SSO (Such as CAS), as the "database".