[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Windows logon and Webpages

Posted on 2003-10-29
6
Medium Priority
?
166 Views
Last Modified: 2010-04-06
Hi,

I have an Apache Server serving PHP pages. Now when ever a user request for a page, I need to check if the user is logged onto a domain(all users are on Windows machine, webserver runs on Linux). If user is logged onto a domain grant acces else deny access.

Detail explanation.

1. User A logs into his computer (running Windows).
2. Request for say index.php on my web server.
3. Here is where I need help. Check user is logged in onto domain say mydomain.
    If user is logged in onto domain, allow access to index.php
   else deny access.

I need to know the answer asap pleas.

Thank You
0
Comment
Question by:team
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
6 Comments
 
LVL 3

Expert Comment

by:red010knight
ID: 9647915
Sounds to me that you are setting up an intraweb? If so, all you need to do is grab the IP address of the requesting party. And if the IP address belongs to the group you have set up.

If you are talking in regards to a secure website, like one does to get into EE. The simplest way though little security is involved is to have a cookie set upon login into the domain. The next thing is the use of a database interface where upon logging in the database is updated to state the user is logged in. Then all PHP has to do is verify that the user and the person logged in is the same.

Otherwise you can always set up an .htaccess file so that only people who know the username and password can get on.

Just a few ways to do what you are asking, hope it helps.
Red010Knight
0
 

Author Comment

by:team
ID: 9650616
Yes, I am setting up a intranet website.

As of now anybody can plug their computer in our nwtwork and access the intranet website or connect through VPN and access it. We want to restrict the access only to authorized users of our compnay and deny access to visitors. All the authorized users of the company are  login to a common domain say mydomain. So now when ever a request comes from someone not logged in to mydomain, deny access.
0
 
LVL 3

Accepted Solution

by:
red010knight earned 2000 total points
ID: 9651509
Do you have MySQL or another database application?

Or in your network settings, your network admin should be able to restrict the access of persons not registered to the server. The most secure way, is to get everyone's MAC address set up in a connection list. So that if Person A's computer is not on the MAC Address list, deny access to things in system and maybe allow for a tunnel through to the www. But what you are asking should be handled by your network admin or take it to the problem to the networking board.

If you want this to be handled via the domain, you need apache and set up a .htaccess file. Or have a user table set up with a database to control who logs in. The use of session ids would also be needed for this.

Hope this helps,
Red010Knight
0
 
LVL 3

Expert Comment

by:red010knight
ID: 9651525
BTW information on .htaccess can be found at:
http://httpd.apache.org/docs/howto/htaccess.html

Red010Knight
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This article introduces an authentication and authorization system for a website.  It is understood by the author and the project contributors that there is no such thing as a "one size fits all" system.  That being said, there is a certa…
Introduction Knockoutjs (Knockout) is a JavaScript framework (Model View ViewModel or MVVM framework).   The main ideology behind Knockout is to control from JavaScript how a page looks whilst creating an engaging user experience in the least …
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question