yunai39/simple-ldap-bundle

There is no license information available for the latest version (2.2.3) of this package.

This bundle provides an integration of Symfony Security for an LDAP Annuary, every user in the LDAP annuary will have a default role, but it is possible to set specific role for specific user

Maintainers

Details

github.com/yunai39/SimpleLdapBundle

Source

Issues

Installs: 2 363

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 3

Open Issues: 0

Type:symfony-bundle

2.2.3 2017-02-08 08:36 UTC

Requires

  • php: >=5.2.4

Unknown License 7bef9d7b2e5f346317108f6bcb22a76ad324abb9

ldapauthentification

This package is not auto-updated.

Last update: 2025-01-04 16:52:07 UTC

README

This is a Bundle for Symfony for an Ldap Authentification

In this bundle, you will be able to authentificate user against an LDAP annuary. By default every single user in the LDAP annuary will have a default ROLE (role that you can choose). It is also possible to give specific user a specific role.

The database is simple, you have a database where a id corresponding to a field(the name of that field is defined int the parameter.yml) in the ldap tree (exemple: employeenumber - 00000), and you will give a specific role for the user with the field employee number 00000 You also have a boolean field for the user to be unvalidated, user who are unvalidated, will have a default role defined in the parameter.yml.

Requirement

To use this Bundle you will need to have php_ldap installed on you server

Installation

You need to add a package to your dependency list :

"yunai39/simple-ldap-bundle": "dev-master"

When do a composer update:

composer update "yunai39/simple-ldap-bundle"

You need to enable the bundle into your kernel

//app/AppKernel.php
new Yunai39\Bundle\SimpleLdapBundle\SimpleLdapBundle(),

Configuration

The configuration is a bit long:

First you need to register the bundle in your AppKernel

$bundles = array(
...
new Yunai39\Bundle\SimpleLdapBundle\SimpleLdapBundle(),
...
};

You need to configure your domain specific information, put those information into app/config/config.yml

    simple_ldap:
        settings:
            server: ip.to.server.ldap
            port: 389 or 636
            account_suffix : employeeNumber 
            base_dn :
                base1: OU=people,DC=company
                base2: OU=contractors,OU=people,DC=company

        # The attribut you want your user Class to have
        settings_user:
            FullName: cn
        # The redirection after login based on the ROLE
        user_redirects: 
          ROLE_USER: user_home
          ROLE_ADMIN: admin_home
        # Name of the user class
        user_class: Acme\DemoBundle\Security\User\CustomLdapUser
        #if the user is not registered in that database or is not registered as valid in the database he will have the default role
        default_role: ROLE_USER

You will also need to create an UserClass which inherit from the UserLdap defined in the bundle (Use that only if you want specific attribut from the ldap such as email or fullname)

    <?php
    
    namespace Acme\DemoBundle\Security\User;
    
    use Symfony\Component\Security\Core\User\UserInterface;
    use Yunai39\Bundle\SimpleLdapBundle\Security\User\UserLdap;
    class CustomLdapUser extends  UserLdap
    {
    /* displayname*/
        private $fullname;
    
        public function getFullName(){
            return $this->fullname;
        }
    
        public function setFullName($fullname){
            $this->fullname = $fullname; 
        }
    }

If you do not wish to have a user with email or any other field coming from LDAP you do not need to recreate an new user class, you can just use the userldap in the bundle

Define the user class this way in the config.yml

    user_class: Yunai39\Bundle\SimpleLdapBundle\Security\User\UserLdap

The security parameters (Just what's needed for the Bundle, the rest is up to you)

security:
    encoders:
        Acme\DemoBundle\Security\User\CustomLdapUser : plaintext #Active directory does not support encrypted password yet
providers:
    my_active_directory_provider:
          id: security_ldap_provider

You will also need to add the following configuration key in your firewall to reference the providers

ldap: true

Example

    firewalls:
        ldap:
            pattern:  ^/
            provider: my_active_directory_provider
            anonymous: ~
            form_login:
                login_path: login
                check_path: login_check
            logout:
                path:   /logout
                target: login
            ldap: true

Add the road for the gestion (Make sure they are under a firewall)

    user_role:
        resource: "@SimpleLdapBundle/Resources/config/routing.yml"
        prefix:   /admin

If you do not have the role for login, logout and login check

login:
    pattern:  /login
    defaults: { _controller: "SimpleLdapBundle:Security:login" }

login_check:
    pattern:  /login_check


logout:
    pattern:  /logout

And finally do not forget to update your database.

Version

2.* - A database to handle user role