开发者

PHP OpenSSO Authentication

We are currently implementing a new OpenSSO Server. The server is on a different server from the web server and I am having trouble getting authentication to occur on our PHP Web server.

The cookie set with the openSSO Token is called iPlanetDirectoryPro. This is set from authServer.company.com . I need to read this from webserver.company.com and then send an HTTPRequest to the authserver.company.com to retrieve the attributes for that OpenSSO Token.

Currently my code looks like this but it isn't working, I suspect due to not correctly reading the cookie.

$url = 'http://authServer.company.com:8080/opensso/identity/attributes';
$r = new HttpRequest();
$r->setURL($url);
$r->setMethod(HTTP_METH_POST);
$valarray = array(
    'Host' => 'authServer.company.com',
    'Content-Type' => 'application/x-www-form-urlencoded',
    'Cookie' => "iPlanetDirectoryPro=$_COOKIE[iPlanetDirectoryPro]"
    );
$r->addHeaders($valarray);
var_dump($r);
var_dump($valarray);
#
# request
#
print "<br/>";
print "<b>what i'm saying to the server</b>";
print "<pre>";
#print "iPlanetDirectoryPro cookie: $_COOKIE[iPlanetDirectoryPro]";
print $r->getRawRequestMessage();
print "</pre>";

print "iPlanetDirectoryPro cookie: $_COOKIE[iPlanetDirectoryPro]";
$r->send();

#
# re开发者_高级运维sponse
#
print "<b>what the server is telling me</b>";
print "<pre>";
$response_body = $r->getResponseBody();
print $response_body;
print "</pre>";

Any ideas about this? Am I going about this in the wrong way?

Update - So the bottom line I found was the server simply couldn't read the cookie as it was coming from another server. As a work aronud I implemented a REST API that allows the user to submit a login page from the webserver. Its send to the AuthServer which gives back a response. The response should typically be a token unless its invalid. If its a token, a new cookie is created with the token in it so that applications can then use that token to communicate with the authserver, but the cookie resides under the webservers domain


Obviously the 401 Token is null indicates that you are not sending the token with the request (or that OpenSSO cannot extract it from the request). If I assume that you are successfully getting the cookie from the client request then I suggest you try passing the cookie value as a param rather than a header to start with.

the param would be subjectid=token value.

I'd recommend testing with curl to get the form of the request right - then modify your code to match the successful curl request

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜