lapointd has asked for the wisdom of the Perl Monks concerning the following question:

Oh fellow monks, help this poor wanderer in his quest.

This humble monk operates a large online Perl/CGI/DBI application with a login access. Currently, I am using either stored passwords or NIS to authenticate my flock. Some of my unblessed congregation does not have UNIX access, so I store their passords encrypted in Oracle. This is inconvenient as it means one more password to remember. Everyone has an NT domain account and the some of the evil corporate IT applications (based on Microsoft) somehow authenticate using it. I would like to do this somehow....

Is there a way of doing an NT challenge/response from Perl running on UNIX? What modules might be applicable? Could you just do it with socket communications somehow?

Replies are listed 'Best First'.
Re: Checking Windows Authentication
by BigJoe (Curate) on Nov 03, 2001 at 03:02 UTC
    Actually I am looking at doing this by using a mod for apache called mod_auth_smb. I believe it is written in perl. It requires that you have the samba client libraries installed on the *nix system. Then you can install the module using: 
    perl -MCPAN -e'shell'
install Apache::AuthenSmb

    [download]
    This will install the stuff you need for authentication. Then I put in my httpd.conf file this line where I wanted the authentication point to be: 
    <Location >
    AuthName "Warning this is a restricted area"
    AuthType Basic
    PerlSetVar myPDC PDC.domain
    PerlSetVar myDOMAIN  domain
    PerlAuthenHandler  Apache::AuthenSmb
    require valid-user
</Location>

    [download]
    you need to change PDC.domain to your PDC server and your domain along with changing the domian on the next line. Because it passes these variables through to the authentication script. Also in your open Location tag you need to specify the location (acording to the webserver like /). Location can also be replaced by file directive to allow authentication to a file.

    Hope this helps. </code>

    --BigJoe

    Learn patience, you must.
    Young PerlMonk, craves Not these things.
    Use the source Luke.
[reply]
[d/l]
[select]
Re: Checking Windows Authentication
by lachoy (Parson) on Nov 03, 2001 at 03:29 UTC

    In addition to the other module mentioned, you might take a look at Authen::Smb. It needs compiling, but it's very simple to use. NB: The last time I used it (~1 year ago) the constants didn't seem to be exported properly from the module so I defined them locally. Not a big deal, but something to know.

    Chris
    M-x auto-bs-mode

[reply]

Back to Seekers of Perl Wisdom