ISAPI-LDAP-Authentication-Filter : System User Required ?
From: Björn Andersen (bjoern.dot.andersen.at.premiere.de_at_nospam.org)
Date: 04/28/04
- Next message: Ken Schaefer: "Re: New Security hole?"
- Previous message: Kfir: "Re: Strange Log File Entries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Apr 2004 12:52:25 +0200
Hello Group,
I'm working on the "IIS ISAPI LDAP Authentication Module" from
http://www.inflectioncorp.com/download/.
Purpose is to have IIS to authenticate against LDAP (ADAM) without the need
to set up system- or domainusers.
Going in the Code, I realised that an auth-modul only alters the auth
information passed with the "SF_NOTIFY_AUTHENTICATION" notify event. After
that, IIS seems to do the Auth as well - with new user data, perhaps, but it
seems to need an systemuser to authenticate.
If I let the module pass an default user after auth (e.g. the IIS anonymous
user), all works as expected, but many applications behind the IIS (ASP,
PHP, JSP, ...) rely on this user information (HTTP_AUTHENTICATED_USER or
so).
Is this right ? Or can I get IIS to take the LDAP-User as "Authenticated"
without runing against the system- or domain-userDB again ?
Have you got a better solution/module for this Problem ?
Thanks for your help
-- Bjoern Andersen
- Next message: Ken Schaefer: "Re: New Security hole?"
- Previous message: Kfir: "Re: Strange Log File Entries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
