Getting the logged on windows user in your apache server

cellfish — Tue, 26 Aug 2008 08:30:00 GMT

I was recently involved in a discussion where a company was developing an intra-net site using Apache and PHP on a Windows server. All clients were windows and they wanted to know who was connecting to the intra-net site (only accessible inside the company firewall). And they wanted a SSO (single sign-on) experience for the users. They refused to switch to IIS and using integrated windows authentication.

Since they did not really wanted to authenticate users, just get a hint of who was connecting. So faking a NTLM authentication request and then parsing the data would be enough. And the script for doing so is pretty easy too. Here is one script I copied from here.

Note that this is nothing you can use to authenticate users since there is no authentication taking place. And the user will, with a standard installed browser be prompted for user name and password and can write anything. The script just prints whatever is sent by the user. And there is also no SSO feel to this. In order to get the SSO feel you have to do one of two things. Either the user must add the site using this script to his "Trusted Intra-net sites" in IE. This is done via Tools-Internet Options-Security. Or the company can add a group policy in the Active Directory enforcing this. For a situation as the described intra-net site, the latter is obviously the best solution.

Selenium the test tool

cellfish — Wed, 09 Apr 2008 21:39:00 GMT

I almost forgot that before the BDD/DDD presentation, there was a presentation about Selenium. I didn't forget it because it was a bad presentation but because the following presentation was so good...

I've never had any good experiences with tools for automatic testing but I must confess that Selenium looks nice. At least if you want to add regression tests to an existing GUI. And it is a web based GUI. So if those two fact apply to you, you should take a look at Selenium I think.

Selenium is good at recording actions and create test code. And it creates test code for unit tests frameworks such as NUnit and a whole bunch of other languages such as Python, Java, Ruby, PHP and more. However there seems to be some stability problems at the moment. According to the presenter (I have not found a link to verify this); Google have more than 51000 selenium tests in their projects. 96% of the tests run with no problem, 2% have problems due to confirmed bugs in Selenium and the last 2% are tests failing where the reason is unclear (Selenium vs the code tested).

This is a common problem I see when I work with open source. Open source applications are typically quite useful and easy to use 99% of the time. But I always tend to end up needing the last percent which is never implemented or have bugs. And the reason for this is usually that no one have bothered to implement the last tricky advanced feature I end up needing. You probably wanna know why I do not sit down and implement that feature and contribute it back to the open source community. Well that is a whole other topic and I will write about that it the near future.

Being Cellfish : PHP

Getting the logged on windows user in your apache server

Selenium the test tool