85 search results

… In my case, I did not query LDAP in getUser, just the User entity repo. In my case, all users (usernames) are in the User Entity database. So I don't have to get them from the LDAP server. But I do need to validate…
Geoff Maddock
Geoff Maddock
Read Full Comment
…in case binding fails. So, we *do* need to catch it and return false so that the proper flow can go forward. The LdapBindAuthenticationProvider is buried too deep in the ldap security system for us to use it from Guard. But... check this out! They …
weaverryan
weaverryan
Read Full Comment
Hi Paul-André! Unfortunately, I don't know a lot personally about LDAP. But, I do know a lot about Guard, so I'll do my best to help :). 1) Since you're using Guard, obviously you need to do a little bit more work…
weaverryan
weaverryan
Read Full Comment
…both have defined entry point (start() method and implement AuthenticationEntryPointInterface) but it seams after fail in first it simply just showing authentication error. I wanted to authenticate user locally, if LDAP auth fails. Is that possible? security: providers: app_user_provider: entity: class: App\Entity…
…one common interface between decorator class and the vendor class, correct? * And i needed to do this in services.yml: ``` App\Decorator\AddSupportHttpBasicAuthenticatorDecorator: arguments: - "@security.authenticator.http_basic_ldap.main" ``` So it works, but it has some weird behaviour. With the debugger i can see…
Annemieke-B
Annemieke-B
Read Full Comment
…OR form_login_ldap will FIRST try to authenticate the request. Let's assume form_login is first. If you log in using a user in your database, I bet it will work. But if you login with a user that's only in LDAP
weaverryan
weaverryan
Read Full Comment
…^/api', roles: ROLE_API_USER } - { path: '^/', roles: ROLE_USER } ``` My goal is to have ONE page for login and use chain_provider. So if the user is not found in local database, then try ldap. I try to make example application. Cheers Tomas
skocdopolet
skocdopolet
Read Full Comment
…and the first path that matches is the winner. In your case, you have `^/login` at the top, then you have your Ldap route `^loginldap/` - Can you see the problem here? Your first login route will always win (because of the REGEX thing) Cheers!
MolloKhan
MolloKhan
Read Full Comment
…expected, when I set chain_provider like this: ` chain_provider: chain: providers: ['app_user_provider', 'ldap_user_provider'] then the application try to authenticate with app_user_provider first and when user is not found, then try second ldap_user_provider. Or I am wrong…
skocdopolet
skocdopolet
Read Full Comment
…DN)%' search_dn: '%env(resolve:LDAP_SEARCH_DN)%' search_password: '%env(resolve:LDAP_SEARCH_PASSWORD)%' default_roles: ROLE_USER user_provider: entity: class: App\Entity\User property: userId firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: true lazy: true provider: my_ldap json…
…). When you call `$iriConverter->getIriFromItem($someObject)`, API Platform looks at whatever class `$someObject` to find its `@ApiResource` configuration. In your case, `$this->getUser()` is returning an instance of `Symfony\Component\Ldap\Security\LdapUser`. And so, API Platform looks at that class and tries to find…
weaverryan
weaverryan
Read Full Comment
…was wondering if you were! I also really enjoyed that conference - and I particularly enjoyed Amsterdam (unfortunately, I didn't have time to visit other parts of the country). > I've got ldap working. It was indeed just getting the config right Woohoo! Yea…
weaverryan
weaverryan
Read Full Comment
…of the day I had stroopwafels on my mind! I've got ldap working. It was indeed just getting the config right. So it's up and running now on production. Ldap is a great tool, but because i didn't create it myself there…
…php: > ldap_bind($dn, $password) That's not *quite* accurate. In LdapBindAuthenticationProvider, the code is `$this->ldap->bind($dn, $password)` - https://github.com/symfony/symfony/blob/c649bfa9d48a07f00bcd1e47aaad5018e88148bf/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php#L104 - that is not calling the `ldap_bind…
weaverryan
weaverryan
Read Full Comment
…facing. My pleasure - I know how this can be ;) > This is a dump of the '$e' > Symfony\Component\Ldap\Exception\ConnectionException {#320 ▼ > #message: "Can't contact LDAP server" Ok, this is kind of what I was expecting - that there is some…
weaverryan
weaverryan
Read Full Comment
…voters and not so mutch in roles in the user provider i wonder how i can create this list of users. An example of what i do in a voter is check if user is a manager in ldap/activedirectory. As far as i now…
…be a lot of pages that both types of users will access, and they'll have pretty much the same experience, except that one group originally authenticated via LDAP and the other from the database. Sound about right? Here are some points: A) I would…
weaverryan
weaverryan
Read Full Comment
… One last, and merely tangential question - what's the best practice for accessing a parameter from a class like my custom LoginFormAuthenticator? I'd like to define the format for my LDAP login somewhere globally, like in parameters.yml, but I won't be able…
Geoff Maddock
Geoff Maddock
Read Full Comment
…$user) { // this will fail authentication return; } $userExistsInLdapMode = '...'; // add the check for "if the user exist in the LDAP mode" if ($userExistsInLdapMode) { // look up the user in LDAP. If it fails // throw a new CustomUserMessageAuthenticationException('Invalid username/password combination'); // if you want to control the…
weaverryan
weaverryan
Read Full Comment
…libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz Cheers…