Cannot see REMOTE_USER variable in Apache/2.2.3 (CentOS) using PHP 5.1.6.

Hi,

I'm usually an IIS, .NET windows type developer, but at the moment I'm trying to do some PHP.

I'm trying to get the REMOTE_USER server variable so that I can see who is logged on to the company Intranet and I'm using Apache/2.2.3 (CentOS) , PHP 5.1.6.

I've used the CheckPHP function to get all the config settings and I can see many of the server variables but not REMOTE_USER.

Can anyone help? Please bear in mind that I'm very new to linux, apache and PHP, and only really found a few console commands.

Many Thanks

Chris
chrispontAsked:
Who is Participating?
 
DarkFishConnect With a Mentor Commented:
NTLM authentication, by default, is not available under a Linux, Apache & PHP together.

You need to install and configure mod_ntlm for Linux & Apache, which is available at:

http://modntlm.sourceforge.net/

mod_ntlm essentially works by retrieving the remote user's details from the workstation and forwarding them to the PHP script using headers.

In addition mod_ntlm can limit who can access your Intranet, and if they are not logging onto correctly you can essentially force them to authenticate using their domain details (this might require more code though, as you would need to authenticate against Active Directory.)

If you don't mind me saying, if you're running a Microsoft based network and wanting to use PHP, you might be better off using PHP on a Windows server as you have, by default, more domain based options and controls over who can view your website.
0
 
hampus_bCommented:
The way to access remote_user is like this:

<?
echo $_SERVER['REMOTE_USER'];
?>


Try also to create a php-file with the following content:

<?

phpinfo();

?>

save it as info.php and point your browser to it.

Search for "Apache Environment" in the result. Does REMOTE_USER show up?
0
 
James LooneySr. Programmer/AnalystCommented:
Good morning,

Here is the list of Server Variables:
http://us2.php.net/manual/en/reserved.variables.server.php

For your environment, write a quick php script and put just this in it:

<?php
phpinfo();
?>

Run that and it'll show you all the variables available to you on your server.

I think the ones you are looking for are either

$_SERVER['REMOTE_USER']
$_SERVER['REMOTE_ADDR']  (for the ip)
or
$_SERVER['PHP_AUTH_USER']

Hope that all helps.
0
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

 
chrispontAuthor Commented:
Sorry guys, I've tried phpinfo(); and cannot see the REMOTE_USER there (athough I can see REMOTE_ADDR and this shows the IP address of the client, not the authenticated user name).

I've tried $_SERVER['REMOTE_USER'] in some scripts and this is always empty.
0
 
James LooneySr. Programmer/AnalystCommented:
If you force the login using php's extension to HTTP_AUTH, you can output the username using $_SERVER['PHP_AUTH_USER']

for example, try this script:

<?php
if (!isset($_SERVER['PHP_AUTH_USER']))
{
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Text to send if user hits Cancel button';
    exit;
}
else
{
    echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
    echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}


0
 
TobiasCommented:
Hi !

You need to create a .htaccess and .htpasswd file.

The variable $_SERVER['PHP_AUTH_USER'] is used when you have put in place an authentication method.

Follow this tutorial and you would be able to get the user.

http://www.freewebmasterhelp.com/tutorials/htaccess/3


Best Regards
0
 
James LooneySr. Programmer/AnalystCommented:
Well, that'll get you the same thing as what I have proposed, just with more files. If you are already using php for your page, you can do the HTTP_AUTH via php and then use $_SERVER['PHP_AUTH_USER'] to get the username.
0
 
TobiasCommented:
Yes I don't have say that is different. Just trying to explain more how it's working. I don't care about get more points, just help people.
0
 
James LooneySr. Programmer/AnalystCommented:
Right. Same here. :)

My point was just that he is used to IIS and not apache, so he may not want to deal with extra files (.htaccess, .htpasswd) in setting this up.
0
All Courses

From novice to tech pro — start learning today.