modules/webserver_auth/webserver_auth.module

<?php
// $Id: webserver_auth.module,v 1.15 2006/03/25 05:53:56 weitzman Exp $

function webserver_auth_init() {
  global $user, $account;

  // two ways to get $name
  if ($name != $_SERVER["REMOTE_USER"]) {
    $name = $_SERVER["REDIRECT_REMOTE_USER"];
  }
  
  if (isset($user) && $user->id && $user->name === $name) {
    //do nothing because user is already logged into Drupal, and hasn't presented different credentials vis web server
  }
  else {
    if ($name) {
      // user is logged into webserver.
      $account->name = $name;
      //modules get to change the user bits before saving. use a global $account to do so.
      // only loaded modules will see this hook
      module_invoke_all("webserver_auth");
      // if we are in bootstrap, load user.module ourselves
      if (!module_exist('user')) {
       drupal_load('module', 'user');
      }

      // try to log into Drupal. if unsuccessful, register the user
      $user = user_external_load($account->name);
      if (!$user->uid) {
        if (variable_get("user_register", 1) == 1) {
          $user_default = array("name" => $account->name, "pass" => "cyan", "init" => db_escape_string($name), "authname_webserver_auth" => $account->name, "status" => 1, "roles" => array(DRUPAL_AUTHENTICATED_RID));
          // TODO - the hook_user('register') will fire but only for loaded modules. could be a problem for sites using page cache and that hook+operation
          $user = user_save("", array_merge($user_default, (array)$account));
          watchdog("user", "new user: $user->name (webserver_auth)", l(t("edit user"), "admin/user/edit/$user->uid"));
        }
      }
    }
    else {
      // do nothing. user isn't logged into web server
    }
  }
}

// using a global to change your bits. module_invoke_all miffs me.
function webserver_auth_webserver_auth() {
  global $account;

  // pretties up the username for NTLM authentication (i.e. Windows)
  if ($_SERVER["AUTH_TYPE"] == "NTLM" || $_SERVER["AUTH_TYPE"] == 'Negotiate') {
    $account->name = substr(trim($account->name), strrpos(trim($account->name), "\\")+1);
  }

  if ($domain = variable_get("webserver_auth_domain", "")) {
    if ($account->name) {
      $account->mail = $account->name. "@$domain";
    }
  }
}

function webserver_auth_settings() {
  $form["webserver_auth_domain"] = array(
    '#type' => 'textfield',
    '#title' => t("Email Domain"),
    '#default_value' => variable_get("webserver_auth_domain", ""),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t("Append this domain name to each new user in order generate his email address."),
    );
  return $form;	
}

function webserver_auth_help($section) {
  $output ="";

  switch ($section) {
    case 'admin/help#webserver_auth':
      break;
    case 'admin/modules#description':
      $output .= t("Use web server authentication instead of Drupal");
      break;
  }

  return $output;
}
1	<?php
2	// $Id: webserver_auth.module,v 1.15 2006/03/25 05:53:56 weitzman Exp $
3
4	function webserver_auth_init() {
5	global $user, $account;
6
7	// two ways to get $name
8	if ($name != $_SERVER["REMOTE_USER"]) {
9	$name = $_SERVER["REDIRECT_REMOTE_USER"];
10	}
11
12	if (isset($user) && $user->id && $user->name === $name) {
13	//do nothing because user is already logged into Drupal, and hasn't presented different credentials vis web server
14	}
15	else {
16	if ($name) {
17	// user is logged into webserver.
18	$account->name = $name;
19	//modules get to change the user bits before saving. use a global $account to do so.
20	// only loaded modules will see this hook
21	module_invoke_all("webserver_auth");
22	// if we are in bootstrap, load user.module ourselves
23	if (!module_exist('user')) {
24	drupal_load('module', 'user');
25	}
26
27	// try to log into Drupal. if unsuccessful, register the user
28	$user = user_external_load($account->name);
29	if (!$user->uid) {
30	if (variable_get("user_register", 1) == 1) {
31	$user_default = array("name" => $account->name, "pass" => "cyan", "init" => db_escape_string($name), "authname_webserver_auth" => $account->name, "status" => 1, "roles" => array(DRUPAL_AUTHENTICATED_RID));
32	// TODO - the hook_user('register') will fire but only for loaded modules. could be a problem for sites using page cache and that hook+operation
33	$user = user_save("", array_merge($user_default, (array)$account));
34	watchdog("user", "new user: $user->name (webserver_auth)", l(t("edit user"), "admin/user/edit/$user->uid"));
35	}
36	}
37	}
38	else {
39	// do nothing. user isn't logged into web server
40	}
41	}
42	}
43
44	// using a global to change your bits. module_invoke_all miffs me.
45	function webserver_auth_webserver_auth() {
46	global $account;
47
48	// pretties up the username for NTLM authentication (i.e. Windows)
49	if ($_SERVER["AUTH_TYPE"] == "NTLM" \|\| $_SERVER["AUTH_TYPE"] == 'Negotiate') {
50	$account->name = substr(trim($account->name), strrpos(trim($account->name), "\\")+1);
51	}
52
53	if ($domain = variable_get("webserver_auth_domain", "")) {
54	if ($account->name) {
55	$account->mail = $account->name. "@$domain";
56	}
57	}
58	}
59
60	function webserver_auth_settings() {
61	$form["webserver_auth_domain"] = array(
62	'#type' => 'textfield',
63	'#title' => t("Email Domain"),
64	'#default_value' => variable_get("webserver_auth_domain", ""),
65	'#size' => 30,
66	'#maxlength' => 55,
67	'#description' => t("Append this domain name to each new user in order generate his email address."),
68	);
69	return $form;
70	}
71
72	function webserver_auth_help($section) {
73	$output ="";
74
75	switch ($section) {
76	case 'admin/help#webserver_auth':
77	break;
78	case 'admin/modules#description':
79	$output .= t("Use web server authentication instead of Drupal");
80	break;
81	}
82
83	return $output;
84	}