How do I do this ASP WebDAV FBA Authentication example in PHP?
https://stackoverflow.com/questions/437927
-
22-07-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I need to have PHP authenticate to an exchange server. Once able to succesfully connect to it, I'll need to write webdav requests in the PHP so I can extract data from the exchange server and use it in a web application.
It would be somewhat simple except that the 2003 Exchange server has Forms Based Authentication (FBA) turned on. With FBA turned on I believe I'm suppose to do what the below (see link) blog article says. My problem is that I need help converting his instructions for ASP into PHP.
http://blogs.msdn.com/webdav_101/archive/2008/12/12/webdav-fba-authentication-sample-explained.aspx
Does anybody understand the details of what he's describing on this article? Any insight would help.
More specific info if needed: I'm confused as to how to configure the POST request (I mean, when you normally POST data to a form, don't you usually load the page your posting to? In his instructions he says to POST it to /exchweb/bin/auth/owaauth.dll . How does this work?)
I'm also confused as to how to do the 3rd step listed: 3) WebReq.KeepAlive and AllowAutoRedirect should be set to True on the request.
On top of that, I could really use some help detailing how to take the post data and put it in a cookie in PHP.
Thanks in advance for any help provided!
Solution
I believe the best way to do this is via curl. (http://ca.php.net/curl)
On the page linked, the first example is a good class to use (I've used it to auto-login into other websites)
It should have KeepAlive (header) and Redirect on by default (curl_setopt($process, CURLOPT_FOLLOWLOCATION, 1); )
You'll need to ensure the webservice can create/modify cookie.txt then try:
$cc = new cURL();
$cc->post('http://www.yourexchange.com','destination=https%3A%2F%2F' . $strServerName . '%2Fexchange%2F' . $strUserName . '%2F&username=' . $strDomain . '%5C' . $strUserName . '&password=' . $strPassword . '&SubmitCreds=Log+On&forcedownlevel=0&trusted=0');
The above is a quick translation from the info on the page you linked to, you may need to use urlencode() on your variables if there are special characters. Once the above successfully works you can use
$page=$cc->get('http://www.yourexchange.com/?whatever=youneed');
The $page will contain the string result from the get (it sends the cookie stored in the text file on this request) then you can use regular expression to get what you need.
This should get you very close to what you need.
OTHER TIPS
It looks like the text file is actually named "cookies.txt". You can create a blank text file with this name and upload it to the same directory. In your ftp client you should be able to set permissions, I believe 777 is the permission code you'll need. If you can't just enter the permission code try checking all boxes to give all permissions.
re: last post,
that is correct, where the script runs it is basically a client and the cookie file is a simple way of storing the cookie for easy re-use.
Chain,
Yes, this is referring to a file called cookies.txt (note: "cookies" with an "s") in the same folder as your code file curlclass.php.
cURL uses this to store and send cookies on subsequent requests. You are correct in your assumption that the web server running the PHP script is acting as the client; basically, it is logging into the Exchange server by simulating a POST to the login form, and then saving the cookie and sending it with each request, just as a browser would.
Create the file cookies.txt and set the permissions so that the user that is running your Apache instance can write to the file.
