PHP Active Directory security

This was another project related to my support of the internal PHP systems at Royal Stoke Hospital.

Many of the Hospital’s internal admin systems were written in PHP. There were around 20 applications in total, such as those managing doctor study leave, car parking payments, flu vaccination tracking, capital bids, purchasing systems and the helpdesk.

I was asked to integrate the existing security coded into the PHP applications with the site-wide Active Directory authentication system.

I wrote a PHP utility that integrated into each existing PHP application and checked whether the user was correctly logged into an Active Directory session. If so, the utility went on to verify the query string in the URL and correct any fake credentials. If not, the user was prompted to log in using the organisational standard process.
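
A sketch of a guard of this kind, added here as an illustration and not the utility written for the hospital. It assumes the web server performs the Active Directory sign-on and exposes the account as `REMOTE_USER`, and that the legacy applications carry the username in a query parameter; the parameter name `user`, the login URL `/sso/login`, the domain `HOSPITAL` and the sample request are all hypothetical.

```php
<?php
declare(strict_types=1);

// Assumption: the web server performs the Active Directory sign-on and exposes
// the result as REMOTE_USER, either "DOMAIN\jsmith" or "jsmith@REALM".
function ad_username(array $server): ?string
{
    $raw = trim((string)($server['REMOTE_USER'] ?? ''));
    if ($raw === '') {
        return null;                       // no authenticated session
    }
    if (($pos = strrpos($raw, '\\')) !== false) {
        $raw = substr($raw, $pos + 1);     // strip the "DOMAIN\" prefix
    }
    $name = strtolower(explode('@', $raw, 2)[0]);
    // Reject anything that is not a plain account name.
    return preg_match('/^[a-z0-9._-]{1,64}$/', $name) === 1 ? $name : null;
}

// Decide what the legacy page should do with this request.
// $userParam ("user") and $loginUrl are hypothetical names.
function ad_guard(array $server, array $query, string $userParam = 'user',
                  string $loginUrl = '/sso/login'): array
{
    // Keep only a local path so the redirect cannot leave this site.
    $path = '/' . ltrim((string)strtok((string)($server['REQUEST_URI'] ?? '/'), '?'), '/');
    $user = ad_username($server);
    if ($user === null) {
        $back = $path . ($query ? '?' . http_build_query($query) : '');
        return ['action' => 'login',
                'location' => $loginUrl . '?return=' . rawurlencode($back)];
    }
    $claimed = $query[$userParam] ?? null;
    if (is_string($claimed) && hash_equals($user, strtolower($claimed))) {
        return ['action' => 'continue', 'user' => $user];
    }
    // Missing, malformed or forged identity: overwrite it and redirect so the
    // application only ever sees the authenticated name.
    $query[$userParam] = $user;
    return ['action' => 'redirect', 'user' => $user,
            'location' => $path . '?' . http_build_query($query)];
}

// Constructed sample request: signed in as jsmith, URL claims to be "admin".
$result = ad_guard(
    ['REMOTE_USER' => 'HOSPITAL\\jsmith', 'REQUEST_URI' => '/leave.php?user=admin&id=7'],
    ['user' => 'admin', 'id' => '7']
);
print_r($result);
```

For the constructed request the guard returns a redirect to `/leave.php?user=jsmith&id=7`, so the identity in the URL always matches the authenticated session before the application reads it.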

Note: This project was not concerned with any systems handling patient data. These PHP systems are for staff administration only.