|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2001-06-20 09:10 UTC] xavier dot galai at free dot fr
<?
//------------------------------------
// description : ntlm authentification module
//------------------------------------
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg="no auth scheme//";
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == "Authorization") {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header("HTTP/1.1 401 acc?s refus?");
header("WWW-Authenticate: NTLM");
}
//send the msg2 to the client.
function putmsg2($msg) {
header("HTTP/1.1 401 acc?s refus?");
header("www-authenticate: NTLM ".$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen("c:/test.txt","w+");
beginntlm();
fwrite($fp,"msg1 = ");
fwrite($fp,get_msg_auth());
fwrite($fp,"\nmsg2 = ");
//msg2 not in the script cause it is too big
fwrite($fp,putmsg2("TlRMTVNTUAACAAAADAAMADAAAAAFgoGgPhfzJ50JifsAAAAAAAAAAHIAcgA8AAAARABPAE0ARwBFAE4AAgAMAEQATwBNAEcARQBOAAEAHABTAFIAVgBHAEUAVABJAFQAXwBJAFMAUwBZADEABAAMAGQAbwBtAGcAZQBuAAMAKgBzAHIAdgBnAGUAdABpAHQAXwBpAHMAcwB5ADEALgBkAG8AbQBnAGUAbgAAAAAA"));
fwrite($fp,"\nmsg3 = ");
fwrite($fp,get_msg_auth());
fclose($fp);
}
ntlm_auth();
// header("location: index.php");
?>
the following code is working(IE only..), i get the correct test.txt but if i uncomment the last line "header(location..=) the redirection is done but the auth header are not correct.. i've used tcpdump to see what is the problem and i've find that the header are not transmitted in the correct order and are modified.... i doesn't know if its the apache fault or the php optimer fault by my compagny really wait for a php version that permit to send and to get the headers correctly..
Thanks a lot
the php used is the binary for win32 with default modules and default php.ini (apache is used)
php is used an module of apache.
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sat Dec 21 14:01:32 2024 UTC |
I currently use the module version of php like indicated in my previous description. I've separed the ""bug"" in two part to be more understandable (i'm not familiar with english) the first part is with the function header : if i execute the following code : header("HTTP/1.1 401 acces refuse"); header("www-authenticate: Negociate"); header("www-authenticate: NTLM"); (i know this not correct for rfc but IIS work like that..) and on the network dump i see: HTTP/1.1 401 unauthorized (not my message !!!) www-authenticate: NTLM (squizzed the negociate!!) now the second part of the message : during my challenge to obtain ntlm auth 3 messages are exchanged like that : c = client ; s = server 1 c -> s GET 2 s -> c http/1.1 401 unauthorized www-authenticate : NTLM 3 c -> s authorization: <msg1> 4 s -> c http/1.1 401 unauthorized www-authenticate : NTLM <msg2> 5 c -> s authorization: <msg3> so on the number 2 i do calls to header on the 3 i call getallheaders (return msg1) on the 4 i call header on the 5 i cal getallheaders i write it to a file (for tests) i close the file my first suprise was : on the network layer all is correct : 3 msg, 3 corrects contents and the 3 msg differents. on the php layer : msg1 is the same that msg 3 !!! if i do a redirection after have closed the file : it contains no more messages !!!!!!!! is the optmizer fault ????? If i'am not clear i can try to reexplainBy default PHP's header() function will replace the value of an http header with the value you give it. If you don't want it to replace, but instead add a second header with a different value, use the optional second arg to header() to tell PHP not to do this replace. So your code should be: header("www-authenticate: Negociate"); header("www-authenticate: NTLM",0); I don't blame you for not knowing this though. It isn't documented anywhere. I will take care of that now.thanks a lot ramus for your help.. the first part of the problem was my fault not the php fault.. but... the second part is always not functionnal... i can obtain the correct headers and response for the ntlm scheme but.. if i do a header("location : xxxx"); at the END of the program... the value are not written correctly !! maybe an optimizer miss optimization..... It strange that on a test without redirection all seems correct but adding instruction after the write and the file was closed and flushed this is not functionnal... thank a lot and sorry to spam you with my little problem. but it's a mission critical projet for France Telecom Mobile service (ORANGE) and i prefer using php with linux than IIS... i need to prove the possibilities of the open source platform.. Thank.