I'm trying to migrate our corporate intranet from IIS to Apache. The current way in which I handle security is by disallowing annonymous access which forces a login dialog box similar to that done with a htaccess file. I then verify the credentials entered against our Active Directory via LDAP.

Is there a way to have a htaccess file that does not reference a htpassword file? I just want the dialog box to come up and I'll take care of the authentication. I'm sure I can dynamically update a htpassword file but I'm not interested in keeping a file with usernames and passwords when I have Active Directory already doing that and then some.

I know I could also create a new login scheme and run sessions, but there's a lot of applications already in use that expect $_SERVER['PHP_AUTH_USER'] so I'd like to make this transition without too much modification to existing apps.

Any help would be greatly appreciated.

Thanks in advance.