I have an application that uses an Oracle backend. The application uses PHP as the server side code to interact with the Database. Within this Oracle database I have a USER table with one of the fields called 'USER_NAME' which contains the 'user_name' for the contact, and another called ADMIN_ACCESS with Yes or No as the acceptable values in this field. If the user logging on has ADMIN_ACCESS == 'Yes' then they are authenticated to see ADMIN level controls and perform ADMIN level functions on the application.
My company uses SiteMinder to authenticate web users. According to info I have found, there is a variable called 'SM_USER' that is created by the SiteMinder agent, that contains the 'user_name' as a value passed back in to the HTTP header for the page they are trying to access.
What I need to do is, using PHP, grab this value from the SM_USER variable in the header and then compare the value with the 'user_name' field in the Oracle database for this user logging on, so that the application can determine as to whether they have ADMIN_ACCESS or not, allowing me to direct their session accordingly.