Using SMB for web authentication

[Hannu Martikka]

Hello,

I have apache web server running on unix system. Then we have lots of
users who only have accounts on our NT-domain. 
I'd like to do user&group authentications from our NT-domain using
samba/SMBlib to do the actual authentication. Now does anyone know if
there are already such systems available?

What I'd like to do:

1) User connects to web page http://web/xyz. 
2) He/she gets challenged and should give his username/password (NT-domain
uname/passwd).
3) Web-server does user/group validation by connecting NT-domain server.
4) User gets the page if uname/passwd were correct.

I thought about using SMBlib for this validating system.
Is there a good/easy way to validate users with smblib and how to actually
do it? Do I actually need to connect some share (\\ntserver\public) to get
user validation or can I just do some _generic calls_ without actually
connecting to any share?

And how to get group information from NT-domain? Like: User only in admin
group can access this web page.
Do I need to create _fake shares_ for all groups, say \\ntserver\group1,
\\ntserver\admins, etc. and allow only group1 to connect group1-share.
Then I could do group-validations by connecting to one of these shares,
but this seems stupid...

- Goodi
"UNIX should be used as an adjective." -- AT&T