Using ActiveX for communication beween Windows Active Directory and website on Linux
ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Using ActiveX for communication beween Windows Active Directory and website on Linux
We have a client on Windows - utilising an internal Intranet. We want their users to be able to login to a website membership area without having to enter login details.
A suggestion has been made regarding using ActiveX and PHP on the website to query the users machine for a username that is then matched with a username in the MySQL database on the website.
This sounds like a potential solution, but is it feasible? as I cannot find anything in Google that would give me a good starting pointing on implementing this or something similar.
no, there is no activeX on linux
however,
there are plenty of websites that can remeber login cretentilas without ActiveX,
so possible your solution is not the best one, sounds like a something from the last century where people thought activeX in a website is a good idea
You should be able to use Apache authentication to query Open Active Directory (LDAP ...) and use this method to restrict access to all or part of the website. Since the website is internal, you do not have to implement a "login" system within the website itself, as you must do "outside." If the user isn't authorized (according to the company's security department), they can't get there. If they do get there, your PHP program has a reliable way to identify them and to know more about them. This creates "single sign-on."
Apache (or other) systems running on Linux can query an ActiveDirectory domain for authentication/authorization purposes, as can Linux itself (through PAM). There are many documents out there on the web that discuss how to do this.
(ActiveDirectory is basically Microsoft's pet trade-name for ... LDAP.)
I believe that you are incorrectly using the term "ActiveX" in this case, and that you mean "Active Directory."
Note: it's usually a good idea to have your script check the "ActiveX user" information that is provided by Apache ... which is known-good. If it is not there, then somehow the site has been accessed by someone whose identity is not known, i.e. due to an Apache configuration error or somesuch. In this case, the site should return, say, a "401 Not Authorized" code and refuse to do anything. Never use the same site for both "internal use only" and "public" purposes.
Last edited by sundialsvcs; 09-03-2014 at 08:39 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.