Talk:How to fill out a person's name, email address and SUNetID on a form behind WebAuth with PHP
From Web Services Wiki
You have to use the 'WebAuthLdapAttribute' directive in an .htaccess file in the same directory of your form in order to have those environment variables available.
Strangely, just using:
AuthType WebAuth Require valid-user WebAuthLdapAttribute displayName
Gave me all of the attributes.
I couldn't get it to "automagically" fill in otherwise.
Also, you need to be sure to wrap your variables in <?php ?> tags in order for PHP to recognize them (assuming you're building this form in an .html document), like so:
<?php $name = $_ENV['WEBAUTH_LDAP_DISPLAYNAME']; $sunetid = $_ENV['WEBAUTH_USER']; $email = $_ENV['WEBAUTH_LDAP_MAIL']; ?>
Jbickar 09:00, 19 October 2009 (PDT)
Installing Auto-Fill on your own server
The previous instructions work well if you are using the Stanford web server, but if you are using your own server, and want to do Auto-Fill behind WebAuth, then you need a slightly different set of instructions.
The first step in setting this up was getting permission from all the people who control the LDAP data according to the Stanford policy outlined at https://www.stanford.edu/dept/as/mais/integration/howto/permission.html
You need to know the fields you want to access.
PHP must be installed along with WebAuth
In order to activate PHP imbedded within HTML, the following line must be present in the Apache httpd.conf file
AddType application/x-httpd-php .php .html
Supposedly, you can also try a test using the command (doesn't work for me.)
k5start -f /usr/local/apache2/conf/webauth webauth/cmgm3.stanford.edu -- ldapsearch -h ldap -Y GSSAPI uid=kozar
To use this, the web site must be protected by WebAuth. To do this, create the following .htaccess file and put it in the directory you want to protect and Auto-Fill. List all the fields you want to capture and WebAuth will grab this info and store it in a set of PHP variables.
AuthType WebAuth require valid-user WebAuthLdapAttribute displayName WebAuthLdapAttribute mail WebAuthLdapAttribute cn WebAuthLdapAttribute givenName WebAuthLdapAttribute o WebAuthLdapAttribute ou WebAuthLdapAttribute sn WebAuthLdapAttribute street WebAuthLdapAttribute suCN WebAuthLdapAttribute suLocalPhone WebAuthLdapAttribute suSunetID WebAuthLdapAttribute uid
This will generate all the different variables that need to be used. There are many more, but at this time, this is all we have requested permission to access. If more fields need to be accessed, just request permission again. You can be test whether the information has been captured by putting the following file in the directory. Filename = test.php
<?php phpinfo() ?>
Make sure permissions on that file are 755
Then run the file from a web browser http://server.stanford.edu/directory/test.php
This will dump all sorts of information about PHP including the $_SYSTEM variables that will hold the WebAuth information. If values for these variables appear in the "phpinfo" page, then the connection to the main campus LDAP server is working OK.
Now that this is done, we can modify our web pages according to the Auto-Fill instructions on the Stanford Wiki
with the following changes.
Here is an example of the code that will grab some information, then display it in a form
<form name="testform" action="save.php" method="post"> <?php $name = $_SERVER['WEBAUTH_LDAP_GIVENNAME']; $sunetid = $_SERVER['WEBAUTH_LDAP_SUSUNETID']; $email = $_SERVER['WEBAUTH_LDAP_MAIL']; ?> <label for="email">E-mail address:</label><br> <input type="text" name="email" id="email" value="<?=htmlspecialchars($email)?>"> <input type="submit" name="submit" value="Save" > </form>
Other methods of embedding PHP within HTML don't work as advertised. Especially stuff like
<input name="name" type="text" id="name" value="<?php echo "$name";?>"> or
<input type="hidden" name="formvar" value="<?php phpvar=10; echo phpvar; ?>"> // PHP code inside HTML!!