Hi Ryan,
Thank you for your very comprehensive answer.
The LDAP authentication is performed using two connections. First connection is created (using the search_dn and search_password parameters from the configuration ...
... ` configuration.
In your case, `$this->getUser()` is returning an instance of `Symfony\Component\Ldap\Security\LdapUser`. And so, API Platform looks at that class and tries to find the `@ApiResource` annotation, which of ...
Hi, I created a login form almost exactly as in this tutorial. Works great. Now I need to have a separate LoginFormAuthenticator that grabs the user input and validates against an Ldap server, sort of an employee login ...
Hey @Aaron Kincer!
You got it! If you're using the built-in LDAP support in Symfony... at least in the current version, I'm not sure there's an easy way to "hook in" and replace with your own User... which is ...
Hey @Thomas!
I actually very much appreciate that description of LDAP. I get questions about it somewhat frequently, but have never needed to use it directly myself. Great explanation!
> But I have lot of questions ...
Hello there!
I was wondering if you would make a tutorial using Symfony 6 and Authenticating against an LDAP server, that´s something that my project needs, I have followed the official documentation but I feel lost and I dont know how to test it, thanks in advance! ...
Hey Annemieke-B,
Symfony Docs have some examples about authenticating against an LDAP server, you can check it here: https://symfony.com/doc/current/security/ldap.html - unfortunately, I have never used this before, so can't help with examples, but I hope the official docs help!
Cheers! ...
Hi Diego,
Do do you have some base example of a working ldap authentication program with symfony 6?
I have it working with symfony 5 and with symfony 3 for the last 4 years.
And what code do you need exactly?
Thanks in advance.
With kind regards,
Annemieke ...
... That's interesting, I was not expecting that behavior. I believe your case fits into having multiple firewalls enabled, one for your login form, and another one for the Ldap form. Here's an example: https://symfony.com/doc/current/security/entry_point.html#multiple-authenticators-with-separate-entry-points
Hey Tomáš S.
You need to create a custom authenticator where you'll check the database first for the user's credentials, and in case it was not found, you'll use your Ldap service to fetch the user. Here are the ...
Hey @Aaron Kincer!
Ha! Yes, nice job all around - including debugging :). Your setup makes sense to me - including the part of inserting a User if it's found in LDAP but not (yet) in your local database. That is the proper way to do it (not registration).
Cheers! ...
If one wanted to use LDAP to do the password checking but otherwise have a normal symfony user (and not an LdapUser) would you do the password checking in the custom credentials? That's kind of what I took it to mean by "whatever that means in our app". ...
Nope, front end and back-end are all on the same box and the domain is contiguous throughout. The LDAP isn't of course, but I wouldn't think that would be an issue.
Going to create a local version and test with the symfony web server that I would guess is configured quite permissively. ...
Ahh, I see now. LDAP auth is successful, but the user class that's being set is the LdapUser and not the User class. So the question is how do I intercept the login process and use the User class instead of the LdapUser class. I'll dig around and see what I can find. ...
... - what's the best practice for accessing a parameter from a class like my custom LoginFormAuthenticator? I'd like to define the format for my LDAP login somewhere globally, like in parameters.yml, but I won't be able to access that value without the container.
... }
- { path: '^/api', roles: ROLE_API_USER }
- { path: '^/', roles: ROLE_USER }
```
My goal is to have ONE page for login and use chain_provider. So if the user is not found in local database, then try ldap.
I try to make example application.
Cheers
Tomas
... case, you have `^/login` at the top, then you have your Ldap route `^loginldap/` - Can you see the problem here? Your first login route will always win (because of the REGEX thing)
Cheers!
Hello,
Thank you for another excellent tutorial! One thing that I was looking for in a security tutorial that was not covered was how to use LDAP/Active Directory for authentication. I have read through the ...
Is there a good trick to figuring out what is causing the the "Cannot read property 'substr' of undefined" error? I have now successfully got LDAP backend auth working with a custom authenticator using the course code ...
... $password) `
in LdapBindAuthenticationProvider.php:
`ldap_bind($dn, $password)`
As you can guess, the connection works, the ldap bind works in play.php, but ldap_bind does not work in LdapBindAuthenticationProvider.php
You still want to help me?
Greetz from the Netherlands (stroopwafels)
76
LDAP
Filter Results