[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] pulling winders environment data into a form from a PHP webpage



This is what I use below, you'll need to play around with the ou= section and make sure that you have mod_auth_ldap loaded in httpd.conf

The bit at the end with the gidNumbers are the group you want to give access to, so this is for only Staff, Domain Admins & Finance, if you wanted everyone to have access swap it to

AuthLDAPURL ldap://alpha.portsmouth-college.ac.uk/ou=Users,dc=portsmouth-college,dc=ac,dc=uk?uid??(objectclass=*)

This means everyone but gets the PHP variables setup for you.

It opens some interesting doors as I use the plantext passwords to create MD5 hashes that I then enter into a mysql datase for another project I've been working on, if you'd like this page as well just ask & I'll mail it over.

Brian


AuthType Basic
AuthName "TPCTV - Portsmouth College Staff only"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://alpha.portsmouth-college.ac.uk/ou=Users,dc=portsmouth-college,dc=ac,dc=uk?uid??(|(gidNumber=553)(gidNumber=533)(gidNumber=512))
require valid-user

Doug Simpson wrote:
I'd like to see those configs, if possible. . .

plaintext pw doesn't really bother me because this webserver is not available from outside, and is generally used in a specific classroom. . .

Thanks!

Doug

Doug Simpson
Technology Specialist
De Queen Public Schools
De Queen, AR
simpsond leopards k12 ar us
"A Dollar Saved is a Dollar Earned"


Brian Chivers <brian portsmouth-college ac uk> 11/7/2008 11:02 AM >>>
A quick google and it looks like Novell Edirecotry is a LDAP server so it's quite easy to do. I use LDAP authentication against our OpenLDAP servers a lot for some of our php / linux servers so if you'd like my config's let me know and I'll mail them over.

If you get it working you have access to PHP_AUTH_USER & PHP_AUTH_PW and once you have these you can do anything, the scary bit is when you look at the PHP_AUTH_PW and see that it's a plaintext password !!!!!

Brian

Doug Simpson wrote:
Ok, but woudl that mean that I'd have to have authentication info on the server where php was running (the linux server)?

interesting, but getting deeper by the second. . .

DS

Doug Simpson
Technology Specialist
De Queen Public Schools
De Queen, AR
simpsond leopards k12 ar us "A Dollar Saved is a Dollar Earned"


Brian Chivers <brian portsmouth-college ac uk> 11/7/2008 9:24 AM >>>
Could try the $PHP_AUTH_USER variable if they've had to login to the page. If not create a php_info page that this will show you the variables.

The scary one is it you use ldap authentication or similar what is stored *grin*

Brian

Doug Simpson wrote:
Unique request. . .

Is there a way to write an input field in a webpage that will pull environment data from winders and enter it into an input field in a php webpage?

I am working on a system for bellwork (things the students must do first thing when the bell rings) and I would like the webpage they view and fill out with the daily bellwork to pull the login name of the currently logged-in windows user into a hidden field for submission to the teacher.

Two reasons:

A. Students couldn't cheat.

B. The teacher knows who did.

C. The teacher knows if they did it.

Ok, there was three. . .

I am using a script that takes input from the student, like name, period, grade, etc.

The teacher edits a simple text file with the day's instructions in it and that is placed using include.

The students have places to respond and a submit button at the end.

It then emails the results to a specified email account.

But with the student being able to enter the name themselves, a single student could enter the data for any number of them. If it pulled the currently logged in user's name and submitted that along with, the teacher would know if cheating was going on.

Just a weird, unique request. . .
Thanks!

Doug

P.S. The webpage is php, running on a linux server and the students are logging in on windows workstations from a Novell server.



Doug Simpson
Technology Specialist
De Queen Public Schools
De Queen, AR
simpsond leopards k12 ar us "A Dollar Saved is a Dollar Earned"



_______________________________________________
K12OSN mailing list
K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see <http://www.k12os.org>
------------------------------------------------------------------------------------------------
    The views expressed here are my own and not necessarily
the views of Portsmouth College
_______________________________________________
K12OSN mailing list
K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see <http://www.k12os.org>


_______________________________________________
K12OSN mailing list
K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see <http://www.k12os.org>


------------------------------------------------------------------------------------------------
    The views expressed here are my own and not necessarily
the views of Portsmouth College
_______________________________________________
K12OSN mailing list
K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see <http://www.k12os.org>

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>


------------------------------------------------------------------------------------------------
   The views expressed here are my own and not necessarily

the views of Portsmouth College
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]