As to your second question, I've integrated LDAP with sfGuard in the past.
First off, I used adLDAP (http://adldap.sourceforge.net/ documentation.php) to connect to the LDAP server. Then I created my own class (myLDAP) with a static method for checking a username and password against the AD server I was hooking into. It returns true if the username/password combo exists and false if it doesn't. Finally, in app.yml, I configured sfGuard to use my custom static method to check the password of users: sf_guard_plugin: check_password_callable: [myLDAP, checkPassword] All user, group and permission management is still handled locally by the sfGuard backend modules. It simply calls out to LDAP to check the password. Hope this helps. On Jun 2, 9:03 am, "Reynier Perez Mira" <[email protected]> wrote: > Hi every: > Because I have a big problems while trying to integrate sfGuard and LDAP I > will extend the Signin() method and add my own logic. What I'm want to do is > this: > > 1. Add a sfWidgetFormSelect to make a choice between LDAP and Local. > Something like that: > > class sfGuardFormSignin extends sfForm { > protected static $opciones = array("ldap"=>"LDAP", "local"=>"Local"); > public function configure() { > $this->setWidgets(array( > 'username' => new sfWidgetFormInput(), > 'password' => new sfWidgetFormInput(array('type' => 'password')), > 'type' => new > sfWidgetFormSelect(array('choices'=>self::$opciones)), > 'remember' => new sfWidgetFormInputCheckbox(), > )); > $this->setValidators(array( > 'username' => new sfValidatorString(), > 'password' => new sfValidatorString(), > 'remember' => new sfValidatorBoolean(), > )); > > $this->validatorSchema->setPostValidator(new sfGuardValidatorUser()); > $this->widgetSchema->setNameFormat('signin[%s]'); > } > > } > > 2. If the user pick LDAP, then the function could be authenticate the user > over LDAP server and if the user exists and the credentials are correct add > this user to the sf_guard_user table in the DB > 3. Otherwise if the user pick Local the function need to authenticate over > the DB only and not LDAP. > > Now for do this I have a lot of questions: > 1. As you can see in the code above I implemented the 'type' field in the > plugin code, I mean in the core, then if I want to update the plugin I need > to rewrite over and over the same code every time I do this ¿how I can avoid > this? ¿what yours suggest me? > 2. Can any guide me in how to build the function for Signin()? I mean any > example of this logic. > > Cheers and thanks in advance > PS: If any make LDAP and sfGuard plugin get working and can use sfGuard > groups and permissions facilities I'll be grateful for every help. > Ing. Reynier Pérez Mira --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
