Avatar of PaulyWolly
PaulyWolly
 asked on

Looking to read SM_USER variable from host headers using PHP

I have an application that uses an Oracle backend. The application uses PHP as the server side code to interact with the Database. Within this Oracle database I have a USER table with one of the fields called 'USER_NAME' which contains the 'user_name' for the contact, and another called ADMIN_ACCESS with Yes or No as the acceptable values in this field. If the user logging on has ADMIN_ACCESS == 'Yes' then they are authenticated to see ADMIN level controls and perform ADMIN level functions on the application.

My company uses SiteMinder to authenticate web users. According to info I have found, there is a variable called 'SM_USER' that is created by the SiteMinder agent, that contains the 'user_name' as a value passed back in to the HTTP header for the page they are trying to access.  

What I need to do is, using PHP, grab this value from the SM_USER variable in the header and then compare the value with the 'user_name' field in the Oracle database for this user logging on, so that the application can determine as to whether they have ADMIN_ACCESS or not, allowing me to direct their session accordingly.
PHPWeb ComponentsSoftware

Avatar of undefined
Last Comment
PaulyWolly

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
ahoffmann

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
PaulyWolly

ASKER
I will check this response once my server comes online from India. Till then I cannot make any determinations as to whether this is a valid response or not. I have been told early in the week. So whoever is stating that this question is inactive should understand that I have not abandoned this question and it is NOT inactive.
PaulyWolly

ASKER
This worked. Thanks!
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck