Work decided to change the distribution of msdn-aa software (MSDN academic alliance) to a system where we do the verification whether a person is authorized to access the download and e-academy does the rest using ELMS (e-academy License Management System). This requires some setup in the webserver and the documentation from e-academy wasn't very clear (a whole stack of paper with lots of bits explained but a simple explanation was hard to find). But, with the sample pseudo code in the documentation I managed to build something. Checking usernames and passwords is left to the webserver (quite good at that bit), initializing user data and validating the session is done in php after which control is returned to the e-academy server. And I added an error-page especially for this script explaining which username/password to use.
I decided to throw the results online so others can borrow from the sample and implement their own. Directly copying the sample will never work as a lot of the data is really local.
Webserver configThe elms system insists on a secure webserver with https:// urls. We insist on that too for anything which asks for user names and passwords, so that matches nicely.
The webserver is configured to require auth on the verification url. I could do this with a login form in php, but the webserver is configured for ldap queries anyway so I copied that bit.# for msdnaa verificationThe php script verify.php just checks carefully whether it is called with the right parameters and with an authenticated user. It then queries ldap for the user data and does the call back to the e-academy server to validate the session and set the userdata.
AuthName "Informatica medewerkers en studenten" AuthType Basic AuthLDAPURL ldap://ldap.cs.uu.nl:389/dc=cs,dc=uu,dc=nl?uid AuthBasicProvider ldap AuthzLDAPAuthoritative off require valid-user ErrorDocument 401 /msdnaa/error.php
When all that goes well and e-academy shows no error a redirect is given back to the server (the user never sees a page from our server when all goes well).
ELMS integrated user verification in PHP / 2007-11-12
2007-11-12 ELMS integrated user verification in PHP