Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers New LDAP Library!
New LDAP Library!
  • El Forum
    Guest
  •  
#13
11-17-2008, 08:48 AM

[eluser]Iverson[/eluser]
[quote author="ray73864" date="1226898446"]username isn't sent to the server, which is what makes it difficult, but even if it was, in a multi-domain environment you would still have to work out which domain they are viewing the page from.[/quote]

You can get a username. The problem is that I can't figure out how to get the $auth var without sending the headers (see code below). So far I can get definitely get the username from this code. I'm posting my code in hopes of getting more eyes on this. This is definitely needed in the PHP community so I'm trying to focus most of my spare time in solving this

:coolsmirk:
Code:
<?php
$headers = apache_request_headers();

if (!isset($headers['Authorization']))
{
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: NTLM');
    exit;
}

$auth = $headers['Authorization'];

if (substr($auth,0,5) == 'NTLM ')
{
    $msg = base64_decode(substr($auth, 5));
    if (substr($msg, 0, 8) != "NTLMSSP\x00")
    {
        die('error header not recognised');
    }
    if ($msg[8] == "\x01")
    {
        $msg2 = "NTLMSSP\x00\x02"."\x00\x00\x00\x00". // target name len/alloc
        "\x00\x00\x00\x00". // target name offset
        "\x01\x02\x81\x01". // flags
        "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
        "\x00\x00\x00\x00\x00\x00\x00\x00". // context
        "\x00\x00\x00\x00\x30\x00\x00\x00"; // target info len/alloc/offset

        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
        exit;
    }
    else if ($msg[8] == "\x03")
    {
        function get_msg_str($msg, $start, $unicode = true)
        {
            $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
            $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
            if ($unicode)
            {
                return str_replace("\0", '', substr($msg, $off, $len));
            }
            else
            {
                return substr($msg, $off, $len);
            }
            $user = get_msg_str($msg, 36);
            $domain = get_msg_str($msg, 28);
            $workstation = get_msg_str($msg, 44);

            $array['user'] = $user;
            $array['domain'] = $domain;
            $array['workstation'] = $workstation;
        }
    }
}
?>


Messages In This Thread
New LDAP Library! - by El Forum - 11-14-2008, 01:42 PM
New LDAP Library! - by El Forum - 11-14-2008, 02:28 PM
New LDAP Library! - by El Forum - 11-14-2008, 03:22 PM
New LDAP Library! - by El Forum - 11-14-2008, 03:56 PM
New LDAP Library! - by El Forum - 11-14-2008, 04:43 PM
New LDAP Library! - by El Forum - 11-14-2008, 08:25 PM
New LDAP Library! - by El Forum - 11-14-2008, 11:52 PM
New LDAP Library! - by El Forum - 11-15-2008, 08:55 AM
New LDAP Library! - by El Forum - 11-15-2008, 05:40 PM
New LDAP Library! - by El Forum - 11-16-2008, 06:27 AM
New LDAP Library! - by El Forum - 11-16-2008, 05:07 PM
New LDAP Library! - by El Forum - 11-16-2008, 05:16 PM
New LDAP Library! - by El Forum - 11-17-2008, 08:48 AM
New LDAP Library! - by El Forum - 12-01-2008, 07:45 AM
New LDAP Library! - by El Forum - 12-18-2008, 05:04 PM
New LDAP Library! - by El Forum - 12-19-2008, 08:39 AM
New LDAP Library! - by El Forum - 12-19-2008, 08:43 AM
New LDAP Library! - by El Forum - 01-13-2009, 01:45 PM
New LDAP Library! - by El Forum - 01-13-2009, 02:35 PM
New LDAP Library! - by El Forum - 01-13-2009, 02:49 PM
New LDAP Library! - by El Forum - 01-13-2009, 03:07 PM
New LDAP Library! - by El Forum - 01-14-2009, 11:06 AM
New LDAP Library! - by El Forum - 01-26-2009, 10:00 AM
New LDAP Library! - by El Forum - 01-26-2009, 10:06 AM
New LDAP Library! - by El Forum - 01-26-2009, 10:19 AM
New LDAP Library! - by El Forum - 02-03-2009, 04:10 AM
New LDAP Library! - by El Forum - 02-03-2009, 02:37 PM
New LDAP Library! - by El Forum - 02-05-2009, 03:02 PM
New LDAP Library! - by El Forum - 02-09-2009, 01:14 PM
New LDAP Library! - by El Forum - 02-09-2009, 02:56 PM
New LDAP Library! - by El Forum - 03-13-2009, 03:41 PM
New LDAP Library! - by El Forum - 05-08-2009, 07:19 AM
New LDAP Library! - by El Forum - 05-21-2009, 04:06 PM
New LDAP Library! - by El Forum - 06-03-2009, 05:02 PM
New LDAP Library! - by El Forum - 06-04-2009, 06:00 AM
New LDAP Library! - by El Forum - 06-26-2009, 08:39 AM
New LDAP Library! - by El Forum - 07-06-2009, 03:59 PM
New LDAP Library! - by El Forum - 07-28-2009, 09:25 AM
New LDAP Library! - by El Forum - 07-28-2009, 09:33 AM
New LDAP Library! - by El Forum - 07-28-2009, 09:36 AM
New LDAP Library! - by El Forum - 07-28-2009, 02:31 PM
New LDAP Library! - by El Forum - 09-17-2009, 01:07 PM
New LDAP Library! - by El Forum - 02-23-2010, 08:35 AM
New LDAP Library! - by El Forum - 02-25-2010, 02:42 PM
New LDAP Library! - by El Forum - 02-25-2010, 02:57 PM
New LDAP Library! - by El Forum - 04-21-2010, 08:46 AM
New LDAP Library! - by El Forum - 04-21-2010, 09:53 AM
New LDAP Library! - by El Forum - 04-21-2010, 10:03 AM
New LDAP Library! - by El Forum - 04-21-2010, 10:19 AM
New LDAP Library! - by El Forum - 07-27-2010, 04:18 AM
New LDAP Library! - by El Forum - 08-25-2010, 07:42 AM
New LDAP Library! - by El Forum - 06-09-2011, 04:07 AM
New LDAP Library! - by El Forum - 01-26-2012, 03:51 PM
New LDAP Library! - by El Forum - 01-26-2012, 10:27 PM



Theme © iAndrew 2016 - Forum software by © MyBB