How to populate REMOTE_USER in Apache Server from Active Directory (associated with SSO)

Question

How to populate REMOTE_USER in Apache Server from Active Directory (associated with SSO)

I create an Intranet site for our company using Joomla 3.3.3.

I configured the virtual machine to start using Ubuntu 14.04 with the standard LAMP stack. I also installed Joomla, with which I was able to work with our Active Directory company (users can access the site from any computer on our network, and Joomla will recognize them).

Now I’m trying to implement SSO so that our employees don’t have to enter the site if they’re logged in to their workstations, and with the help of my troubleshooting, I narrowed it down to the variable “REMOTE_USER” rather than being populated by the APACHE server (the variable is not even displayed on my phpinfo() page)

I think I'm good at Joomla and PHP, but my Apache server and Ubuntu skills are pretty weak.

Can my users authenticate with the Apache server? I just need a Windows machine to transfer the Remote_User token to Joomla, but I don’t understand how to do this in Ubuntu.

+8

php joomla apache single-sign-on

James griggs Aug 15 '14 at 20:32

source share

1 answer

Chris rutherfurd · Answer 1 · 2016-04-01T23:57:05+0000

The first step to this is to change the group policy to add your Joomla site to the Intranet security group in Internet Explorer. Google Chrome and Firefox are part of the IE security group settings.

As soon as you do this, when your user browses your site from a computer that has passed domain verification, the browser will automatically send the user header with the user name that has already been verified, it can be accessed in PHP using $_SERVER['PHP_AUTH_USER'] superglobal.

How to populate REMOTE_USER in Apache Server from Active Directory (associated with SSO)

More articles: