-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jesse Kline wrote: > > I'm working with a web application which is able to automatically authenticate > users through active directory when they are using Internet Explorer. I > recently > setup another web app. running on Linux which has ldap functionality and is > able > to search for users to add to the system, but I would like it to authenticate > the users like the other systems do. Does anyone know how Internet Explorer is > able to authenticate the user using their Windows domain login, and how I > might > be able to use it? > There are two mechanisms that I know of. The first is Kerberos. If you know nothing about kerberos then I would suggest the O'Reilly book (it is actually very good and easy to read). I cannot do the topic justice in an email.
The second is by passing NTLM hashes, which firefox does as well (http://www.testingreflections.com/node/view/1365), though I believe that this is Windows only. There is a python hack that can get around this if you are running linux (http://www.linux.com/howtos/Web-Browsing-Behind-ISA-Server-HOWTO-4.shtml). Now your question is a little ambiguous. The web app itself can authenticate to LDAP, but this is *not* the same thing as an IE autologin. The web app needs to be able to relay Kerberos/NTLM, which it likely cannot do. > Thanks, > > Jesse > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEid5nwRXgH3rKGfMRAr+DAJ0Yz436tfDh4U9dnmwqNFPc9dJEXACfXsUR jDWLxSVQqckfiwyEd62MYdg= =kk/N -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
