I've been trying to figure this out off and on for a few days now, and I think I just have a fundamental lack of understanding :)
I have Apache2 running in a windows environment serving up our company intranet. I'd like to be able to pass through the windows authenticated user so that I'm able to use it on the PHP side. At the moment, it's sort of working.
If I set up a virtual host that resolves directly to the server name, everything works as expected if I browse to http:// webserver
<VirtualHost *:80>
DocumentRoot "C:/www/test/public"
ServerName WEBSERVER
<Directory "C:/www/test/public">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
AuthName "Test"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOmitDomain On
SSPIUsernameCase Upper
SSPIPackage NTLM
SSPIPerRequestAuth on
require valid-user
</Directory>
</VirtualHost>
In this case, WEBSERVER is the name of the actual machine in the domain that hosts our internal sites.
If I use an alias that resolves to WEBSERVER, I get the prompt that asks me for my user/pass (which successfully validates if I provide the correct details).
This example generates the prompt if I browse to http:// sub.internaldomain.com, where sub.domain.com resolves to WEBSERVER:
<VirtualHost *:80>
DocumentRoot "C:/www/test2/public"
ServerName sub.internaldomain.com
<Directory "C:/www/test2/public">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
AuthName "Test2"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOmitDomain On
SSPIUsernameCase Upper
SSPIPackage NTLM
SSPIPerRequestAuth on
require valid-user
</Directory>
</VirtualHost>
Both tests are bare bones Zend Framework applications that are just trying to dump out $_SERVER. The first example above gives me the correct REMOTE_USER value while the second example has it if I enter in a valid user/pass on the prompt (or not at all if I remove the valid-user requirement).
Any thoughts??
