[Typo3-dev] S: Sponsoring Windows authentification in TYPO3

[Björn Schotte]

Hi,

Juergen Egeling wrote:
> be implemented in the way, that logged in Windows users, do not 
> have to authenticate again. The (new) TYPO3 authentification
> process should notice this automatically.

We implemented it in our framework (we have a very abstract login
library which gives you the possibility to create nearly any
login process including automagic logins) for two clients in that
way:

Install mod_auth_ntlm inside the Apache and configure it properly.
If a user accesses your websites, he gets a browser popup login
window (same as when you use Basic HTTP Authentication). The
user (including a possible Windows domain) will be submitted via
$REMOTE_USER. You then only need a data source where you *only* need
to check if this user exists (against any data source your customer
requires you, typically a LDAP or AD ressource) since the Apache module
already does the authentification against the windows domain server.

That's it. The browser popup windows appears only once per *browser*
session. If your customer doesn't want to have this: I remember that
IIS has the possibility to get the windows login user name transmitted
automagically. But that would require that you use IIS/Windows.

If you need further assistance, you can contact us via personal
e-mail.

-- 
ThinkPHP / Mayflower GmbH                   schotte at mayflower.de
Martin Luther Straße 5b                    Tel: 0931 / 78 43 804
97072 Würzburg                             Fax: 0931 / 78 43 795
* http://www.thinkphp.de/ *     http://blog.rent-a-phpwizard.de/