Getting blank value for $_SERVER['AUTH_USER']

Question

I have a PHP app running on Windows 2008 server R2, which authenticates users against Active Directory using PHP's LDAP library.

As per this answer, I'm looking to use $_SERVER['AUTH_USER'], but I'm getting a blank value for it. Same for AUTH_TYPE and AUTH_PASSWORD. The variables are declared, but none of them have any value assigned to them.

I've enabled both the Basic Authentication and Windows Authentication roles (through Server Manager), but neither has solved the issue.

I'm using PHP 5.3.14, Zend Server CE and IIS 7.5.

I need to apply a single sign on solution, but without being able to fetch the currently logged in user's credentials, I'm at a loss.

Any help would be greatly appreciated.

Answer 1

I got it working by disabling Anonymous Authentication in IIS, and enabling Windows Authentication (I thought Windows Authentication was already enabled, but it turns out the role was simply installed.) Now $_SERVER['AUTH_USER'] and $_SERVER['REMOTE_USER'] are populated.

Answer 2

I believe the correct index for the authenticated user is $_SERVER['REMOTE_USER'].

Answer 3

According to the PHP documentation, the correct index seems to be PHP_AUTH_USER.

Try using $_SERVER['PHP_AUTH_USER'].