Windows login help!!


#1

I have a website but I do not want use the login form to login to the website.
I wants to use the windows Login and then this can automatically login to the website.
How should I do?


#2

Here is one way…

http://alpho011.hubpages.com/hub/Use-Windows-Login-in-PHP-Applications


#3

Actually I found this before but I do not know how to find out domain name or IPaddress?


#4

You can use login by ip adress, make a script wich you run at windows startup wich gets your ip and update the database username with your ip and voila you are loged in allways :slight_smile:


#5

Well, I think we are not clear on what you want to do. You can use IP address, but, a good hacker can break that. (Although secure for most uses) Also, if you want to use the Windows Login, this is possible by the code that I sent to you. You would need to understand what Windows Login means. I think you are actually talking about “Windows Authentication”. This is used to secure MS apps such as SQLserver. When Windows “logs-in”, some users have a user id and password. Not all, for example, the computer I am typing on. So, without a password, there is no security on my laptop. Of, course, you could force this as an option. Websites can use local network shared drives. So, opening up the website to use someones Windows-Login (authentication) might cause issues because their drive is available to the PHP code. Not sure if that is safe.

So, the question is why do you need to to this type of connection?


#6

oh okay. I will try it. Thx.
mmm… actually is my lecture wants me do this type of connection.
Coz I also ask him why do not use the normal login? Just need two textbox one is for username another is for password. However, he said must do this, because he do not want login again, then I don’t have choice. :frowning:


#7

I explain more about what I want to do.
For example:When I open facebook, I need to login to my facebook account first. But now I want to login into Windows login after I click to open facebook then it will automatically login to my facebook account and then I no need to login again when I open facebook.


#8

Well, one idea would be to just use cookies. Cookies are easy to use. When you create a cookie, it is stored on the local machine. You would create a cookie and give it an expiration date. This date is when the cookie is no longer needed. Some programs keep the cookies for a week, month or year. Some can be set to not expire. They can be deleted by the owner of the computer if they decide to do. Your code can read this cookie when it starts and verify if it is correct. Using that cookie, you could use that info to log in the user and no actual logging in would be needed.

I think looking into cookies might be the best way to go.

Some notes on “cookies”. If the user (owner of the computer used) deletes the cookies, then, they will be forced to log back in. If the cookie expires, they will need to log in. This is a good security option. You do not want someone’s computer to be allowed in 100% of the time forever. This would not be good if they sold their computer to someone else. So, for security reasons, you could combine cookies and IP addresses. That would make if very secure. If someone steals a computer and tries to log in, the cookies would match, but, the IP would not allow them to get into the site. So, that would be secure.

Hope all this info helps you decide. Good luck.


#9

Cookies wont work, since they are locked to one domain.

The system you are referring to is OAuth. Facebook/Twitter/Google all have an api to do this. There are a number of classes ([url=http://www.phpclasses.org]PHPClasses.Org[/org]. a (OAuth Community website. Well a ton of info on it :slight_smile:


#10

Thank all of you for helping me. :slight_smile:
I found a code can solve this problem.


#11

That’s nice. Too bad you didn’t explain it so someone else might get help from your solution. Usually we share the solution… But, congrats you figured it out.


#12

[php]<?php

// loune 25/3/2006, updated 22/08/2009
// For more information see:
// http://siphon9.net/loune/2007/10/simple-lightweight-ntlm-in-php/
//
// This script is obsolete, you should see
// http://siphon9.net/loune/2009/09/ntlm-authentication-in-php-now-with-ntlmv2-hash-checking/
//

// NTLM specs http://davenport.sourceforge.net/ntlm.html

$headers = apache_request_headers();

if (!isset($headers[‘Authorization’])){
header(‘HTTP/1.1 401 Unauthorized’);
header(‘WWW-Authenticate: NTLM’);
exit;
}

$auth = $headers[‘Authorization’];

if (substr($auth,0,5) == 'NTLM ') {
$msg = base64_decode(substr($auth, 5));
if (substr($msg, 0, 8) != “NTLMSSP\x00”)
die(‘error header not recognised’);

if ($msg[8] == "\x01") {
    $msg2 = "NTLMSSP\x00\x02\x00\x00\x00".
        "\x00\x00\x00\x00". // target name len/alloc
        "\x00\x00\x00\x00". // target name offset
        "\x01\x02\x81\x00". // flags
        "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
        "\x00\x00\x00\x00\x00\x00\x00\x00". // context
        "\x00\x00\x00\x00\x00\x00\x00\x00"; // target info len/alloc/offset

    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
    exit;
}
else if ($msg[8] == "\x03") {
    function get_msg_str($msg, $start, $unicode = true) {
        $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
        $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
        if ($unicode)
            return str_replace("\0", '', substr($msg, $off, $len));
        else
            return substr($msg, $off, $len);
    }
    $user = get_msg_str($msg, 36);
    $domain = get_msg_str($msg, 28);
    $workstation = get_msg_str($msg, 44);

    print "You are $user from $domain/$workstation";
}

}

?>[/php] This is the code I found. Can working.