我試圖通過與Active Directory LDAP驗證用戶身份的PHP Web應用程序。PHP_AUTH_USER和LDAP
<?php
$ldapconfig['host'] = 'ldapserv.xx.uni.edu';
$ldapconfig['port'] = 389;
$ldapconfig['basedn'] = 'dc=xx, dc=uni, dc=edu';
$ldapconfig['authrealm'] = 'Secure Area';
function ldap_authenticate() {
global $ldapconfig;
global $PHP_AUTH_USER;
global $PHP_AUTH_PW;
if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") {
[email protected]_connect($ldapconfig['host'],$ldapconfig['port']) or exit ("Error connecting to LDAP server.");
//Settings for AD
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
$r = @ldap_search($ds, $ldapconfig['basedn'], 'uid=' . $PHP_AUTH_USER);
if ($r) {
$result = @ldap_get_entries($ds, $r);
if ($result[0]) {
if (@ldap_bind($ds, 'uni\\' . $PHP_AUTH_USER, $PHP_AUTH_PW)) {
return $result[0];
}
}
}
}
header('WWW-Authenticate: Basic realm="'.$ldapconfig['authrealm'].'"');
header('HTTP/1.0 401 Unauthorized');
return NULL;
}
if (($result = ldap_authenticate()) == NULL) {
echo('Authorization Failed <br />');
exit(0);
}
echo('Authorization success');
print_r($result);
?>
此代碼只是提示用戶輸入用戶名/密碼,除非他們單擊取消。我究竟做錯了什麼?