Hello Apache/Win Masters:

I really could use some help in solving what appears to be a trivial issue. In summary, I want to know the Windows loginID for the user accessing a Perl .cgi running in Apache on a Windows environment.

Here's my basic Apache2 conf additions:

---- begin httpd.conf -----

...

LoadModule sspi_auth_module modules/mod_auth_sspi.so
...
<IfModule mod_auth_sspi.c>
    <Location "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin">
        AuthName "A Protected Place"
        AuthType SSPI
        SSPIAuth On
        SSPIAuthoritative On
        #SSPIBasic On
        SSPIOfferBasic On
        #SSPIDomain On
        #SSPIBasicPreferred
        #SSPIUsernameCase lower
        require valid-user
    </Location>
</IfModule>
...
<Directory "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin">
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
...

---- end httpd.conf -----

In addition, I've also enabled SSL on my machine using the excellent instructions at: http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-serversetup.html#tsvn-serversetup-apache-7

The site above calls for loading the Apache module mod_auth.so, but I can't find it in my default Apache2 installation. Also, as you can see, I've manually added the mod_auth_sspi-1.0.4-2.2.2 module to my Apache2 environment.

Now, when I try both http://localhost/cgi-bin/test.cgi AND https://localhost/cgi-bin/test.cgi, I don't see anything in the way of a REMOTE_USER in the http/environment variables. I know the SSL is working because the https call displays a ton of SSL variables. Also, I don't have a requirement for SSL, but am only using it since the link above says it is required to get the Windows login info.

I would really appreciate any insight. I am happy to share the httpd.conf file in full if that is helpful. Basically, to reiterate, all I'm looking for is a way to capture the Windows loginID in my Perl .cgi on a Windows/Apache2.2 hosting environment.

Many many thanks in advance for everyone's help,

Saker Ghani

A: 

Not a Windows programmer, so I'm not sure what a loginID is, but maybe Win32::LoginName and Win32::LookupAccountName will be of help?

ysth
Unfortunately, that won't do since Windows will run the .cgi as SYSTEM user and both of the above solutions can only return the parent user's identity. In this case, we need the client browser to supply the Windows/NTLM loginID to Apache somehow, so that the .cgi can utilize this info.
Ah. Yuck. That seems like the kind of thing the browser shouldn't normally be transmitting to the server??
ysth
A: 

This might not help too much, but I don't believe you need to do anything special to get this information. I'm running an Apache 2.2 installation with mod_auth_sspi and I use the REMOTE_USER environment variable to successfully get the information you're looking for. (For example, when I access one of the pages, REMOTE_USER is "MYDOMAIN\oeuftete".)

I don't use the SSPIOfferBasic option which is the only substantial configuration difference, but I don't think that would matter. I also specify the options in the <Directory> directive and not in a separate <Location> directive.

I guess what I'm saying is, based on what you've given, it should work. So perhaps there's something else going on.


Edit: Here's the basics of my httpd.conf.

LoadModule sspi_auth_module modules/mod_auth_sspi.so

<IfModule mime_module>
    AddHandler cgi-script .pl
</IfModule>

<IfModule alias_module>
    Alias /sotest "C:/Some/path/"
</IfModule>

<Directory "C:/Some/path">
    Options ExecCGI

    Order allow,deny
    Allow from all

    AuthName "Foo"
    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative On

    require valid-user
</Directory>

And a short test.pl in that directory.

#!perl -T
#

use CGI;

my $q = CGI->new;

print $q->header;
print $q->start_html;
print $ENV{'REMOTE_USER'};
print $q->end_html;

Here's the resulting page from going to sotest/test.pl:

<!DOCTYPE html
    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
MYDOMAIN\oeuftete
</body>
</html>
oeuftete
oeuftete, if it wouldn't be asking for too much, is there any way you could share your httpd.conf file with me? That would be a huge help. My email address is saker at ghani dot com.
Thanks oeuftete. The code works, but only if I'm logged into the machine which is running Apache and the .cgi itself. Can you get the above to work when accessing sotest/test.pl from a different machine? In my case, I'm getting an "Authorization Required" on FF and an authentication prompt on IE.
It works for me on IE fine... if you're getting an authentication prompt in IE, then you probably aren't a valid user. What does your apache error.log say when you get the prompt? For FF, you need to log in with your domain information. So in my example, user "MYDOMAIN\oeuftete" and the password.
oeuftete
In the comment above, a "valid user" in the IE example means you're logged on as a valid user on the same domain of the machine which is running your Apache installation.
oeuftete
oeuftete, I had to make one minor tweak on my httpd.conf and your code works beautifully. I owe you one, at least!
You should let everyone know what the tweak was if you can to help someone else down the road.
oeuftete
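
A defensive variant of the test.pl in the answer above, as an added example that is not part of the original thread: it handles the case from the question where REMOTE_USER never reaches the script, splits the DOMAIN\user form, and escapes what it prints. The helper name parse_remote_user, the allowed character set and the length limits are assumptions made for this example.

```perl
#!perl -T
use strict;
use warnings;
use CGI;

# Added example, not the answerer's code. parse_remote_user is a hypothetical
# helper; the allowed characters and length limits are assumptions.
# Accepts "DOMAIN\user" (the form shown above) or a bare "user", and returns
# untainted parts, or nothing if the value is missing or malformed.
sub parse_remote_user {
    my ($raw) = @_;
    return unless defined $raw && length $raw;
    if ($raw =~ /\A([A-Za-z0-9._-]{1,64})\\([A-Za-z0-9._-]{1,104})\z/) {
        return { domain => $1, user => $2 };
    }
    if ($raw =~ /\A([A-Za-z0-9._-]{1,104})\z/) {
        return { domain => '', user => $1 };
    }
    return;
}

my $q    = CGI->new;
my $who  = parse_remote_user($ENV{'REMOTE_USER'});
my $auth = defined $ENV{'AUTH_TYPE'} ? $ENV{'AUTH_TYPE'} : '(not set)';

if (!$who) {
    # REMOTE_USER never reached the script (the auth directives did not apply
    # to this URL) or it was malformed. Fail closed rather than guess.
    print $q->header(-status => '403 Forbidden', -type => 'text/plain');
    print "No authenticated user. AUTH_TYPE=$auth\n";
    exit;
}

# Escape everything that goes into the page, including server-set values.
print $q->header(-type => 'text/html', -charset => 'utf-8');
print "<html><body>\n";
print '<p>Domain: ', $q->escapeHTML($who->{domain}), "</p>\n";
print '<p>User: ',   $q->escapeHTML($who->{user}),   "</p>\n";
print '<p>Auth type: ', $q->escapeHTML($auth), "</p>\n";
print "</body></html>\n";
```

If the script returns the 403 branch for a URL that is supposed to be protected, the SSPI directives are not being applied to that path.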