Hello,
I created a website for my company, and it had run fine for years.
Then, recently some users were reporting an issue with the site.
Digging into it more, it appears as though the NTLM authentication code doesn't seem to be working on some computers, but it does on others.
Below is the code.
Any ideas/assistance would be greatly appreciated.

$headers = apache_request_headers();
if (!isset($headers['Authorization']))
{
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: NTLM');
    exit;
}
// Retrieve the NT LOGIN information
$auth = $headers['Authorization'];
if (substr($auth,0,5) == 'NTLM ')
{
    $msg = base64_decode(substr($auth, 5));
    if (substr($msg, 0, 8) != "NTLMSSP\x00")
        die('error header not recognised');
    if ($msg[8] == "\x01")
    {
        $msg2 = "NTLMSSP\x00\x02"."\x00\x00\x00\x00". // target name len/alloc
            "\x00\x00\x00\x00". // target name offset
            "\x01\x02\x81\x01". // flags
            "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
            "\x00\x00\x00\x00\x00\x00\x00\x00". // context
            "\x00\x00\x00\x00\x30\x00\x00\x00"; // target info len/alloc/offset
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
        exit;
    }
    else if ($msg[8] == "\x03")
    {
        function get_msg_str($msg, $start, $unicode = true)
        {
            $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
            $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
            if ($unicode)
                return str_replace("\0", '', substr($msg, $off, $len));
            else
                return substr($msg, $off, $len);
        }
        $user = get_msg_str($msg, 36);
        $domain = get_msg_str($msg, 28);
        $workstation = get_msg_str($msg, 44);
        // Create sessions, holding the $user, $domain, and $workstation
        $_SESSION["meUser"] = $user;
        $_SESSION["meDomain"] = $domain;
        $_SESSION["meWorkstation"] = $workstation;
    }
}
/* echo "Please use the Google Chrome Browser for this site";
echo "<br>";
echo "<br>"; */
$user = $_SESSION["meUser"];
//echo "Welcome: " . $_SESSION["meDomain"] . "\\" . $_SESSION["meUser"];
$meNTLogonWithDomain = $_SESSION["meDomain"] . "\\" . $_SESSION["meUser"];

The error message isn't too telling, it's "Hmmm… can't reach this page It looks like the webpage at http://10.163.38.55/neDivCollections/main.php might be having issues, or it may have moved permanently to a new web address."
Believe it is erroring out around header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
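
An added example, not part of the original post: a bounds-checked version of the Type 3 field parsing that get_msg_str performs, reading the same security-buffer offsets (28, 36, 44) and rejecting buffers that point outside the message. The function names, the constructed sample message and the use of the mbstring extension are assumptions of this example.

```php
<?php
// Read one NTLM security buffer: len (2), alloc (2), offset (4), little-endian.
function ntlm_read_buffer(string $msg, int $start, bool $unicode = true): string
{
    if (strlen($msg) < $start + 8) {
        throw new UnexpectedValueException("message too short for field at $start");
    }
    $f = unpack('vlen/valloc/Voff', substr($msg, $start, 8));
    // Reject a buffer that points outside the message instead of reading past it.
    if ($f['off'] + $f['len'] > strlen($msg)) {
        throw new UnexpectedValueException("field at $start points outside the message");
    }
    $raw = substr($msg, $f['off'], $f['len']);
    // Assumes the mbstring extension; converts UTF-16LE so non-ASCII names survive.
    return $unicode ? mb_convert_encoding($raw, 'UTF-8', 'UTF-16LE') : $raw;
}

// Parse the Type 3 fields at the offsets the post uses (28, 36, 44).
// The values are whatever the client sent: the posted code issues an all-zero
// challenge and never checks the NTLM response, so they are not verified.
function ntlm_parse_type3(string $msg): array
{
    if (strlen($msg) < 12 || strncmp($msg, "NTLMSSP\x00", 8) !== 0
        || unpack('V', substr($msg, 8, 4))[1] !== 3) {
        throw new UnexpectedValueException('not an NTLMSSP Type 3 message');
    }
    return [
        'domain'      => ntlm_read_buffer($msg, 28),
        'user'        => ntlm_read_buffer($msg, 36),
        'workstation' => ntlm_read_buffer($msg, 44),
    ];
}

// Constructed sample Type 3 message (64-byte header, then UTF-16LE payload).
$enc = fn(string $s): string => mb_convert_encoding($s, 'UTF-16LE', 'UTF-8');
$fields = [$enc('EXAMPLE'), $enc('jdoe'), $enc('WS01')];
$sample = "NTLMSSP\x00" . pack('V', 3) . str_repeat("\x00", 16); // empty LM/NT buffers
$off = 64;
foreach ($fields as $v) {
    $sample .= pack('vvV', strlen($v), strlen($v), $off);
    $off += strlen($v);
}
$sample .= str_repeat("\x00", 12) . implode('', $fields); // session key buffer, flags

print_r(ntlm_parse_type3($sample));
try {
    ntlm_parse_type3(substr($sample, 0, 70)); // truncated: domain buffer overruns
} catch (UnexpectedValueException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```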