relwell / dapsbundle Goto Github PK
View Code? Open in Web Editor NEWA Symfony2 bundle designed to include support for LDAP in line with code changes slated for Symfony 2.2 or later.
A Symfony2 bundle designed to include support for LDAP in line with code changes slated for Symfony 2.2 or later.
How would I go about assigning Roles to users who login via LDAP?
Allow secure connections in LDAP class.
Estimate: 2-4hrs
Some updates to the Ldap library have been pushed by Lyrixx. We should add these in so our version doesn't fork excessively.
I placed the DapsBundle into my Symfony 2 application's src
directory and then got the following errors:
'The service "daps_ldap.ldap" has a dependency on a non-existent parameter "daps_ldap.ldap.host". Did you mean one of these: "daps_ldap.ldap.admin.host", "daps_ldap.ldap.class"?'
and
'The service "daps_ldap.ldap" has a dependency on a non-existent parameter "daps_ldap.ldap.admin.username_suffix". Did you mean one of these: "daps_ldap.ldap.admin.enable", "daps_ldap.ldap.admin.username_suffic"?'
Here are the full Uncaught Exception messages:
[Fri Jun 28 13:02:35 2013] [error] [client 10.0.2.2] PHP Fatal error: Uncaught exception 'Symfony\\Component\\DependencyInjection\\Exception\\ParameterNotFoundException' with message 'The service "daps_ldap.ldap" has a dependency on a non-existent parameter "daps_ldap.ldap.host". Did you mean one of these: "daps_ldap.ldap.admin.host", "daps_ldap.ldap.class"?' in /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php:108\nStack trace:\n#0 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(234): Symfony\\Component\\DependencyInjection\\ParameterBag\\ParameterBag->get('daps_ldap.ldap....')\n#1 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(205): Symfony\\Component\\DependencyInjection\\ParameterBag\\ParameterBag->resolveString('%daps_ldap.ldap...', Array)\n#2 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(195): Symfony\\Component\\DependencyInjection\\ParameterBag\\Par in /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php on line 108
[Fri Jun 28 13:09:03 2013] [error] [client 10.0.2.2] PHP Fatal error: Uncaught exception 'Symfony\\Component\\DependencyInjection\\Exception\\ParameterNotFoundException' with message 'The service "daps_ldap.ldap" has a dependency on a non-existent parameter "daps_ldap.ldap.admin.username_suffix". Did you mean one of these: "daps_ldap.ldap.admin.enable", "daps_ldap.ldap.admin.username_suffic"?' in /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php:108\nStack trace:\n#0 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(234): Symfony\\Component\\DependencyInjection\\ParameterBag\\ParameterBag->get('daps_ldap.ldap....')\n#1 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(205): Symfony\\Component\\DependencyInjection\\ParameterBag\\ParameterBag->resolveString('%daps_ldap.ldap...', Array)\n#2 /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php(195): Symfony\\Component\\D in /vagrant/aces/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/ParameterBag/ParameterBag.php on line 108
Are the parameter names in ldapcredentials.yml
incorrect or are the arguments in services.xml
incorrect?
Does the LdapBundle allow for Symfony's remember-me functionality? I got the following error when I followed the Symfony docs - How to add "Remember Me" Login Functionality.
PHP Fatal error: Uncaught exception 'RuntimeException' with message 'You must configure at least one remember-me aware listener (such as form-login) for each firewall that has remember-me enabled.' in /path/to/my/app/vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php:97\nStack trace:\n#0 /path/to/my/app/vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php(387): Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\RememberMeFactory->create(Object(Symfony\Component\DependencyInjection\ContainerBuilder), 'main', Array, 'daps_ldap_user_...', NULL)\n#1 /path/to/my/app/vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php(338): Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension->createAuthenticationListeners(Object(Symfony\Component\DependencyInjection\ContainerBuilder), 'main', Array, Array, 'daps_ldap_user_...')\n#2 /path/to/my/app/vendor/symfony/symfony/src in /path/to/my/app/vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php on line 97,
Hi @relwell,
What is the configuration to make the bundle use user credentials to authenticate against the LDAP server ? It is a MS Active Directory.
Thanks
For example, if the group tree is located at ou=groups,dc=example,dc=org and the user is listed a a member of cn=it,ou=departments,ou=groups,dc=example,dc=org, they should have the Symfony role ROLE_LDAP_DEPARTMENTS_IT.
Currently, the project simply generates a slug from the role's common name (cn), whereas here we want any child node from the ou "groups" to be included.
Time Estimate: 6-12 hours
Create a .gitignore listing for a file that lists the DN and password of a general-purpose user for the purpose of pre-binding. If the appropriate parameter is set, bind using these credentials. Otherwise, bind anonymously.
Set a value in the ldap class that would block providing a user based on this authentication. Require that binding to a provided set of credentials that do not match this "pre-authenticated" value occur before successfully returning a user.
Estimate: 3-5 hours
Being a non-active user varies from implementation to implementation. In the case we will be providing for, an inactive user is determined by a specific value for an entry in the listing for that provided user. Create two config values that determine the key and value needed to identify an INACTIVE user. If that value is met, then do not allow that user to bind.
Was: Unbind and throw an authentication error if the value of the retrieved LDAP user's user account control key is 66050 (aka 0x2).
Estimate: 4-6hrs
I am using Active Directory with this plugin, and everything is great except the getBoundRolesByOrg returns the OU in which the member's group resides and not the group name itself.
I had to change "ou" on line 448 in Ldap.php to "cn" instead to get the actual group name. I am not sure if this is expected behavior or not.
Is there any documentation on how to setup and incorporate this Bundle into an existing Symfony application?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.