I read the requirements for php CAS and it seemed that is for us in a linux OS.<br><br>I am using Widnows.<br><br>Thanks,<br><br>Nestor :-)<br><br><div class="gmail_quote">On Fri, Jan 30, 2009 at 8:49 AM, Metzler, David <span dir="ltr"><<a href="mailto:metzlerd@evergreen.edu">metzlerd@evergreen.edu</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">I get it. It might help to understand a bit about
what the CAS module does. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">The CAS module is a single sign on module that does
automatically log people in but only after checking with a centralized
authentication server to verify that they've logged in elsewhere. The idea
behind the cas server is that it's a centralized place to login, and we don't
want to expose the usernames and passwords to drupal. Rather if the user
needs to log in, we redirect the client to another location for login, and then
when they come back do a quick check to make sure that they have
authenticated. If the have, establish a drupal user session.
</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">In our environment, we actually use this to authenticate
against our MS Active Directory, but drupal never sees the user name and
password. That's handled by the CAS server which does Kerberos auth against
active directory. You do have to specify your username and password, but
that's authed by the CAS server against our active directory.
</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">Here's what the CAS module does: </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">1. At the beginning of the page load check to see if
there's already a drupal session? If so no need to interfere.
</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">2. Since we're not logged in, Check and see if we
"need to be", it may be ok to display a drupal page as anonymous user.( this is
reg expression based on the path), but if we need to be authenticated.
</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">3. If we need to be and we haven't logged in use
the phpCAS library to ask the centralized server what user we're logged in
as. The phpCAS client does this via a curl request to the CAS server.
This is the part I think you can replace with a simple environment
variable check. </font></span></div>
<div dir="ltr" align="left"><span></span><span><font color="#0000ff" face="Arial" size="2">4. Given
the username try and load the drupal user. If the user exists then great we
have a session established. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">5. If the user doesn't exist, and the cas module is
configured to automatically create accounts, create a local drupal account and
establish a session as that user. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">There are some tricks of course, and the module exposes
some configuration options, not all of which are relavent, but this is darn
close to what you need. If you have any specific questions, don't hesitate to
contact me off list. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">Dave</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"><a href="mailto:metzlerd@evergreen.edu" target="_blank">metzlerd@evergreen.edu</a></font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div><br>
<div dir="ltr" align="left" lang="en-us">
<hr>
<font face="Tahoma" size="2"><div class="Ih2E3d"><b>From:</b> <a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a>
[mailto:<a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a>] <b>On Behalf Of </b>Néstor<br></div><b>Sent:</b>
Friday, January 30, 2009 8:08 AM<div><div></div><div class="Wj3C7c"><br><b>To:</b>
<a href="mailto:support@drupal.org" target="_blank">support@drupal.org</a><br><b>Subject:</b> Re: [support] Drupal + IIS +
windows<br></div></div></font><br></div><div><div></div><div class="Wj3C7c">
<div></div>I work for a goverment agency and they tend to be MS shops but the
reasons why we want Drupal is because <br>we do not have the money in the budget
and I like to bring in some open source to help change the IT mind<br>that MS is
not the only way to go and that there are other choices. We do have an
intranet and was build in <br>2001 and I want to implement somthing more
current..<br><br>All the stuff you mentioned sounds so easy but it went over my
head. I will download the CAS and look at the<br>code to see if it means
anything to me.<br><br>I am actually surprise that more people do not have the
need for a module that automagically los users in.<br><br>Thanks all for your
replies.<br><br>Nestor :-)<br><br>
<div class="gmail_quote">On Thu, Jan 29, 2009 at 8:24 AM, Metzler, David <span dir="ltr"><<a href="mailto:metzlerd@evergreen.edu" target="_blank">metzlerd@evergreen.edu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">In such an
environment using drupal would be an uphill battle for sure, but if you've got
drupal working, and you've got IIS to do NTLM, it would seem to me that you
COULD write a drupal module to do what you're asking. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">Much of
the code is the same as what is in the CAS module (which I maintain) at <a href="http://drupal.org/project/cas" target="_blank">http://drupal.org/project/cas</a>. The primary difference
is where drupal would get the username. If you got a copy of the cas module,
and replaced the cas client code with a " get the logged in user
from an IIS provided environment php environment" chunk of code,
enabled the drupal is cas user repository checkbox set it up
to require cas auth for all pages, you would have the starting point
of a module that would, (I believe) do what you ask. </font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2">Again, I
don't know if its worth it. If you're reaching for integration with
Microsoft products then you might be better off with sharepoint, but if you're
looking for all the kinds of things that drupal provides (modular
extendibility, rich media integeration, etc) then this might be worth your
effort. Feel free to ask me any questions about the code if you're
interested.</font></span></div>
<div dir="ltr" align="left"><span><font color="#0000ff" face="Arial" size="2"><br>Dave</font> </span></div><br>
<div dir="ltr" align="left" lang="en-us">
<hr>
<font face="Tahoma" size="2">
<div><b>From:</b> <a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a> [mailto:<a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a>] <b>On Behalf Of
</b>Néstor<br></div><b>Sent:</b> Thursday, January 29, 2009 8:07 AM
<div>
<div></div>
<div><br><b>To:</b> <a href="mailto:support@drupal.org" target="_blank">support@drupal.org</a><br><b>Subject:</b> Re: [support] Drupal +
IIS + windows<br></div></div></font><br></div>
<div>
<div></div>
<div>
<div></div>Fletch,<br><br>I few days left to help the cause for using Drupal
but as long as I am unable to <br>set up the NLTM so that users do not have to
log into drupal then we probably go with<br>Sharepoint. I have tried
several of the solutions that I found when I googled but<br>they have not work
for me so far.<br> <br>:-)<br><br>
<div class="gmail_quote">On Tue, Jan 27, 2009 at 1:04 AM, John Fletcher <span dir="ltr"><<a href="mailto:net@twoedged.org" target="_blank">net@twoedged.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div link="blue" vlink="purple" lang="EN-AU">
<div>
<p><span style="font-size: 11pt; color: rgb(102, 51, 0);">Please let us know
whether you end up going for SharePoint or Drupal, and why.</span></p>
<p><span style="font-size: 11pt; color: rgb(102, 51, 0);"></span> </p>
<p><span style="font-size: 11pt; color: rgb(102, 51, 0);">Regards,</span></p>
<p><span style="font-size: 11pt; color: rgb(102, 51, 0);">Fletch.</span></p>
<p><span style="font-size: 11pt; color: rgb(102, 51, 0);"></span> </p>
<div style="border-style: solid none none; border-color: rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color; border-width: 1pt medium medium; padding: 3pt 0cm 0cm;">
<p><b><span style="font-size: 10pt;" lang="EN-US">From:</span></b><span style="font-size: 10pt;" lang="EN-US"> <a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a> [mailto:<a href="mailto:support-bounces@drupal.org" target="_blank">support-bounces@drupal.org</a>] <b>On Behalf Of
</b>Néstor<br><b>Sent:</b> Tuesday, 27 January 2009 3:44 AM<br><b>To:</b> <a href="mailto:support@drupal.org" target="_blank">support@drupal.org</a><br><b>Subject:</b> Re: [support] Drupal
+ IIS + windows</span></p></div>
<div>
<div></div>
<div>
<p> </p>
<p style="margin-bottom: 12pt;">Gordon,<br><br>Yes, I am interested. I
am planning on using IIS and IE in a windows environment.<br><br>Any
information you can provide would be helpful.<br><br>We are making the
decision between Drupal and Sharepoint and so far that is the one thing
that<br>Sharepoint has over drupal in our requirements.
<br><br>Thanks,<br><br>Rotsen</p>
<div>
<p>On Mon, Jan 26, 2009 at 5:19 PM, Gordon Heydon <<a href="mailto:gordon@heydon.com.au" target="_blank">gordon@heydon.com.au</a>> wrote:</p>
<p>Hi,<br><br>Yes I have gotten this to work before, but it only works on
IE<br>complete (FF will automatically ask for the
user/password).<br><br>Other issues is that it will not pass the password so
Drupal has no<br>idea of the password. Basically I had it working so that it
placed<br>trust in the ADS that the company used.<br><br>I would be a bit
more specific, but I can't find my original code.<br><br>If you want to know
more just let me know and I will see if I can find<br>it.<br><span style="color: rgb(136, 136, 136);"><br>Gordon.</span></p>
<div>
<div>
<p><br>On 27/01/2009, at 11:28 AM, Néstor wrote:<br><br>> Hi
people,<br>><br>> I want to set up drupal in a windows + IIS
environment and I want<br>> the user not to have to log in<br>> I want
drupal to automatically knwo who they are.<br>><br>> I am reading all
kinds of stuff but some how I am not installing<br>> them correct because
they do not work<br>><br>> Drupal + IIS + Windows and the user did not
have to login because its<br>> information was automagically pass to
drupal.<br>><br>> Did any of you people get this to
work?<br>><br>> Thanks,<br>><br>> Nestor :-)</p></div></div>
<p>> --</p>
<div>
<div>
<p>> [ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br><br>--<br>[ Drupal support
list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]</p></div></div></div>
<p> </p></div></div></div></div><br>--<br>[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a>
]<br></blockquote></div><br></div></div></div><br>--<br>[ Drupal support list
| <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a>
]<br></blockquote></div><br></div></div></div>
<br>--<br>
[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br></blockquote></div><br>