473,387 Members | 1,486 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Authenticating against Linux User.

Hi,

I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?

Smitro
Jul 17 '05 #1
6 2833
Smitro <no****@myh0use.c0m> wrote:
I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?


That can be done at more than 1 level. If sasl is installed you coud use
http://www.phpclasses.org/sasl otherwise pam, or try to figure out how
the hashed passwd is stored and do the same encryption in php
(mcrypt/des/md5 (depends on system)). If the system is running imap/pop
for local users you could try to authentitcate against those services.

Jul 17 '05 #2
In article <42********@quokka.wn.com.au>, Smitro <no****@myh0use.c0m>
wrote:
Hi,

I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?

Smitro


First off, php is a scripting language which can be used to create
dynamic web sites. The web server can be used to do authentication
(i.e. htaccess), but php can be used in it's place to authenticate in
it's place. I'd start by reading up on sessions either on the web or in
your php books. http://shiflett.org/articles has lots of great articles.

You don't typically authenticate against a user account when accessing a
web site. What are you trying to do?

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 17 '05 #3
Michael Vilain wrote:
In article <42********@quokka.wn.com.au>, Smitro <no****@myh0use.c0m>
wrote:

Hi,

I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?

Smitro

First off, php is a scripting language which can be used to create
dynamic web sites. The web server can be used to do authentication
(i.e. htaccess), but php can be used in it's place to authenticate in
it's place. I'd start by reading up on sessions either on the web or in
your php books. http://shiflett.org/articles has lots of great articles.

You don't typically authenticate against a user account when accessing a
web site. What are you trying to do?


I already have a mail server and other services all setup to use the
Linux users. I had a bit of a think about it, and I'm a think about it
since my last post and I have set it up to authenticating against the
mail server. I just need something that says yes they are a user of this
system or not. if so, display this page.. Think I've figured it all out
now, thanks for your help.
Jul 17 '05 #4
On Fri, 25 Mar 2005 14:15:51 +1000, Smitro wrote:
Michael Vilain wrote:
In article <42********@quokka.wn.com.au>, Smitro <no****@myh0use.c0m>
wrote:

Hi,

I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?

Smitro

First off, php is a scripting language which can be used to create
dynamic web sites. The web server can be used to do authentication
(i.e. htaccess), but php can be used in it's place to authenticate in
it's place. I'd start by reading up on sessions either on the web or in
your php books. http://shiflett.org/articles has lots of great articles.

You don't typically authenticate against a user account when accessing a
web site. What are you trying to do?


I already have a mail server and other services all setup to use the
Linux users. I had a bit of a think about it, and I'm a think about it
since my last post and I have set it up to authenticating against the
mail server. I just need something that says yes they are a user of this
system or not. if so, display this page.. Think I've figured it all out
now, thanks for your help.


I think you need to do some more reading. Mail services may well use the
system services to authentigate against, but they do *not* provide
authentication services for anything.

Look at PAM, for example.

Steve

Jul 17 '05 #5
*** Smitro escribió/wrote (Fri, 25 Mar 2005 12:55:25 +1000):
I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?


I haven't tried myself but the "POSIX Functions" chapter in PHP manual
seems promising. Also, there're some user comments in the posix_getpwnam()
page:
"To check passwords on a Unix-box, look at the mod_auth_external module for
Apache, it uses external programs to do the real job. The server won't ever
read the encrypted password.
One of them, pwauth, can be configured to use PAM or whatever is used on
your system. Users that can run this program are configured at compile
time. And this program can be called from PHP with exec(...)."

"Use the PHP PAM module
http://www.math.ohio-state.edu/~ccunning/pam_auth/"

--
-+ Álvaro G. Vicario - Burgos, Spain
+- http://www.demogracia.com (la web de humor barnizada para la intemperie)
++ No envíes tu dudas a mi correo, publícalas en el grupo
-+ Do not send me your questions, post them to the group
--
Jul 17 '05 #6
Alvaro G. Vicario wrote:
*** Smitro escribió/wrote (Fri, 25 Mar 2005 12:55:25 +1000):
I'm looking for a Tutorial about Authenticating using PHP and Linux User
Accounts. Can some one point me in the right direction?

"To check passwords on a Unix-box, look at the mod_auth_external module
for Apache, it uses external programs to do the real job. The server won't
ever read the encrypted password.
One of them, pwauth, can be configured to use PAM or whatever is used on
your system. Users that can run this program are configured at compile
time. And this program can be called from PHP with exec(...)."


No, although PAM can be used with an encrypted password, the dialog with the
user facing application would be very tricky to implement, and AFAIK has
never been done. Effectively, if you want to use PAM, you need to invoke it
with an un-encrypted password.

It should be possible to do a double challenge-hash to authenticate against
conventional /etc/passwd or /etc/shadow or even NIS password databases
without sending a cleartext password nor the system being vulnerable to
replay attacks (there's certainly a Javascript version of MD5, and a quick
google suggests crypt has been ported too).

It's rather an indirect solution though - SSL make life a lot simpler - then
just invoke the right PAM stack. There are a few stand-alone programs which
will do the PAM thing for you (but they're not that hard to write). There
used to be one shipped with squid.

HTH

C.
Jul 17 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: dave | last post by:
Hello, I've got a php script that is trying to authenticate a user against a rh9 /etc/passwd file. The passwd file has permissions of 444 but when i try to log in i am being redirected to my error...
0
by: shalinmangar | last post by:
I want to authenticate users (defined in an Active Directory Service running on a Windows 2000 Server machine) from PHP Code running under Linux (Fedora Core 3 with Kerberos 5 installed). I just...
0
by: Eric S. Johansson | last post by:
I'm writing an authentication module for the albatross Web development system. I am taking the easy way out and implementing an authentication system designed by people who are hopefully more...
3
by: Zeno Lee | last post by:
I'm trying to authenticate a user against a windows network. I want it to work across any kind of windows network from NT 4.0 up to Windows 2003 ADS. So far I've been using DirectoryEntry and...
3
by: mrwoopey | last post by:
Hi, I am using the example "Authenticate against the Active Directory by Using Forms Authentication and Visual Basic .NET": http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340 ...
1
by: mirlisa | last post by:
We have an odd problem. Sometime this morning our classic asp web application stopped authenticating against active directory. This is our only "classic" asp app that authenticates against ad....
1
by: spelunka | last post by:
Hello, does anyone know why one would lose their styles after successfully authenticating against forms auth? I'm using asp.net 2.0 and the page that is being redirected to after authenticating is...
1
by: GM | last post by:
Hello, I need ideas, concepts to realize the following things: I have a service (vb.net) running on a workstation communicating with a client application. The data flow does not need to be...
0
by: Nandagopal | last post by:
Hi, I am using the example "Authenticate against the Active Directory by Using Forms Authentication and C#": But I am having a problem figuring out the LDAP:// The LDAP:// that I pass looks...
0
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
0
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
0
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
0
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
0
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
0
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.