I am currently trying to expand my PHP-based intranet site for my company. It essentially functions as a bunch of different reports and utilities that I have selected and associated with them on the internal web server. Whenever people continue to perform the same task, I script, if at all possible, and throw it on the intranet page so that people can complete their task without my help.
This works fine so far, but there are several utilities that should be limited only by managers, etc. Now I know that I can create a whole registration system for user authentication, as would be done on a public website, but frankly, the pain in the ass for all participants. All users already have a Linux user account on the same server as apache, so I think it would be much better if I could just create a login form that will authenticate users against their system usernames / passwords, and then examine their groups to make sure that they have privileges to do what they are trying to do (in this case, they will belong to an existing group of "managers"). If I can get it out, it seems a win-win for everyone. Users do not need to register and remember / maintain / update another set of credentials, and I do not do anything extra when I want to add or remove users.
Is it possible? If there are no pre-existing libraries for this, can I just do it the direct way and read PHP and process / etc / passwd, / etc / shadow and / etc / group?
source share