[support] Drupal + IIS + windows

Néstor rotsen at gmail.com
Fri Feb 13 00:28:41 UTC 2009 

I read the requirements for php CAS and it seemed that is for us in a linux
OS.

I am using Widnows.

Thanks,

Nestor :-)

On Fri, Jan 30, 2009 at 8:49 AM, Metzler, David <metzlerd at evergreen.edu>wrote:

>  I get it.  It might help to understand a bit about what the CAS module
> does.
>
> The CAS module is a single sign on module that does automatically log
> people in but only after checking with a centralized authentication server
> to verify that they've logged in elsewhere.  The idea behind the cas server
> is that it's a centralized place to login, and we don't want to expose the
> usernames and passwords to drupal.  Rather if the user needs to log in, we
> redirect the client to another location for login, and then when they come
> back do a quick check to make sure that they have authenticated.  If the
> have, establish a drupal user session.
>
> In our environment, we actually use this to authenticate against our MS
> Active Directory, but drupal never sees the user name and password. That's
> handled by the CAS server which does Kerberos auth against active
> directory.  You do have to specify your username and password, but that's
> authed by the CAS server against our active directory.
>
> Here's what the CAS module does:
> 1.  At the beginning of the page load check to see if there's already a
> drupal session?  If so no need to interfere.
> 2.  Since we're not logged in, Check and see if we "need to be", it may be
> ok to display a drupal page as anonymous user.( this is reg expression based
> on the path), but if we need to be authenticated.
> 3.  If we need to be and we haven't logged in use the phpCAS library to ask
> the centralized server what user we're logged in as.  The phpCAS client does
> this via a curl request to the CAS server.   This is the part I think you
> can replace with a simple environment variable check.
> 4.  Given the username try and load the drupal user. If the user exists
> then great we have a session established.
> 5.  If the user doesn't exist, and the cas module is configured to
> automatically create accounts, create a local drupal account and establish a
> session as that user.
>
> There are some tricks of course, and the module exposes some configuration
> options, not all of which are relavent, but this is darn close to what you
> need. If you have any specific questions, don't hesitate to contact me off
> list.
>
> Dave
> metzlerd at evergreen.edu
>
>
>
>  ------------------------------
> *From:* support-bounces at drupal.org [mailto:support-bounces at drupal.org] *On
> Behalf Of *Néstor
> *Sent:* Friday, January 30, 2009 8:08 AM
>
> *To:* support at drupal.org
> *Subject:* Re: [support] Drupal + IIS + windows
>
> I work for a goverment agency and they tend to be MS shops but the reasons
> why we want Drupal is because
> we do not have the money in the budget and I like to bring in some open
> source to help change the IT mind
> that MS is not the only way to go and that there are other choices.  We do
> have an intranet and was build in
> 2001 and I want to implement somthing more current..
>
> All the stuff you mentioned sounds so easy but it went over my head.  I
> will download the CAS and look at the
> code to see if it means anything to me.
>
> I am actually surprise that more people do not have the need for a module
> that automagically los users in.
>
> Thanks all for your replies.
>
> Nestor :-)
>
> On Thu, Jan 29, 2009 at 8:24 AM, Metzler, David <metzlerd at evergreen.edu>wrote:
>
>>  In such an environment using drupal would be an uphill battle for sure,
>> but if you've got drupal working, and you've got IIS to do NTLM, it would
>> seem to me that you COULD write a drupal module to do what you're asking.
>>
>> Much of the code is the same as what is in the CAS module (which I
>> maintain) at http://drupal.org/project/cas.  The primary difference is
>> where drupal would get the username. If you got a copy of the cas module,
>> and replaced the cas client code with a " get the logged in user from an IIS
>> provided environment php environment" chunk of code, enabled the drupal is
>> cas user repository checkbox set it up to require cas auth for all pages,
>> you would have the starting point of a module that would, (I believe) do
>> what you ask.
>>
>> Again, I don't know if its worth it.  If you're reaching for integration
>> with Microsoft products then you might be better off with sharepoint, but if
>> you're looking for all the kinds of things that drupal provides (modular
>> extendibility, rich media integeration, etc) then this might be worth your
>> effort.  Feel free to ask me any questions about the code if you're
>> interested.
>>
>> Dave
>>
>>  ------------------------------
>>  *From:* support-bounces at drupal.org [mailto:support-bounces at drupal.org] *On
>> Behalf Of *Néstor
>> *Sent:* Thursday, January 29, 2009 8:07 AM
>>
>> *To:* support at drupal.org
>> *Subject:* Re: [support] Drupal + IIS + windows
>>
>>   Fletch,
>>
>> I few days left to help the cause for using Drupal but as long as I am
>> unable to
>> set up the NLTM so that users do not have to log into drupal then we
>> probably go with
>> Sharepoint.  I have tried several of the solutions that I found when I
>> googled but
>> they have not work for me so far.
>>
>> :-)
>>
>> On Tue, Jan 27, 2009 at 1:04 AM, John Fletcher <net at twoedged.org> wrote:
>>
>>>  Please let us know whether you end up going for SharePoint or Drupal,
>>> and why.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Fletch.
>>>
>>>
>>>
>>> *From:* support-bounces at drupal.org [mailto:support-bounces at drupal.org] *On
>>> Behalf Of *Néstor
>>> *Sent:* Tuesday, 27 January 2009 3:44 AM
>>> *To:* support at drupal.org
>>> *Subject:* Re: [support] Drupal + IIS + windows
>>>
>>>
>>>
>>> Gordon,
>>>
>>> Yes, I am interested.  I am planning on using IIS and IE in a windows
>>> environment.
>>>
>>> Any information you can provide would be helpful.
>>>
>>> We are making the decision between Drupal and Sharepoint and so far that
>>> is the one thing that
>>> Sharepoint has over drupal in our requirements.
>>>
>>> Thanks,
>>>
>>> Rotsen
>>>
>>> On Mon, Jan 26, 2009 at 5:19 PM, Gordon Heydon <gordon at heydon.com.au>
>>> wrote:
>>>
>>> Hi,
>>>
>>> Yes I have gotten this to work before, but it only works on IE
>>> complete (FF will automatically ask for the user/password).
>>>
>>> Other issues is that it will not pass the password so Drupal has no
>>> idea of the password. Basically I had it working so that it placed
>>> trust in the ADS that the company used.
>>>
>>> I would be a bit more specific, but I can't find my original code.
>>>
>>> If you want to know more just let me know and I will see if I can find
>>> it.
>>>
>>> Gordon.
>>>
>>>
>>> On 27/01/2009, at 11:28 AM, Néstor wrote:
>>>
>>> > Hi people,
>>> >
>>> > I want to set up drupal in a windows + IIS environment and I want
>>> > the user not to have to log in
>>> > I want drupal to automatically knwo who they are.
>>> >
>>> > I am reading all kinds of stuff but some how I am not installing
>>> > them correct because they do not work
>>> >
>>> > Drupal + IIS + Windows and the user did not have to login because its
>>> > information was automagically pass to drupal.
>>> >
>>> > Did any of you people get this to work?
>>> >
>>> > Thanks,
>>> >
>>> > Nestor :-)
>>>
>>> > --
>>>
>>> > [ Drupal support list | http://lists.drupal.org/ ]
>>>
>>> --
>>> [ Drupal support list | http://lists.drupal.org/ ]
>>>
>>>
>>>
>>> --
>>> [ Drupal support list | http://lists.drupal.org/ ]
>>>
>>
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20090212/56fda026/attachment-0001.htm

More information about the support mailing list