I have detailed the process here: http://blog.honnecke.us/2010/01/using-sfdoctrineguardusers-external-authentication/
On Fri, Jan 29, 2010 at 2:20 PM, ashton honnecke <[email protected]> wrote: > The way that I addressed this was to: > * Create a custom form for the signin process > * In that form, replace the validator (change > app_sf_guard_plugin_signin_form) > * In the new validator, replace the code that throws an error if the > user is not found in the database with code that authenticates against > your external mechanism. > * In the "external mechanism" create the user if the user does not > exist in sf_guard_user, also update the user if the info has changed > * return the new user to the validator > > I'm still not thrilled with this answer, so if anyone has an alternate > solution, I would love to hear it. > > thanks > ashton > > On Fri, Jan 29, 2010 at 10:00 AM, ashton honnecke <[email protected]> wrote: >> Both ways of authentication would be fine, but my main goal is to >> allow users to login without requiring them to exist in the >> sfGuardUserTable. I'm building a site for a client that has an api >> that they want me to use to authenticate users against. I don't want >> to have to insert into sf_user_guard just to allow a user to attempt >> to login. >> >> It seems very strange that there would be such a great external >> authentication system that then requires that the user already be in >> the sf_guard_user table. I assume that I am missing something. >> >> These guys want to know how to do it as well: >> http://www.matthewbull.net/2008/06/29/symfonys-sfguard-plugin-and-ldap/ >> >> On Fri, Jan 29, 2010 at 5:43 AM, Tom Ptacnik <[email protected]> wrote: >>> Of cource you can overwrite the sfGuardAuth module if you don't want >>> to use it... I thought that you want to use both ways of >>> autentification. >>> >>> >>> On 28 led, 18:38, ashton honnecke <[email protected]> wrote: >>>> Thanks! >>>> >>>> So if I am understanding you, you are telling me that there is no way >>>> to do this with the current sfGuardUser setup and that I will need to >>>> I create a new module that I use for login. >>>> >>>> It doesn't seem to me that this is an uncommon request related to the >>>> external password check, so It seems odd that I would need to re-write >>>> the login in order to do so. >>>> >>>> Why would I want to make a new module and not just overwrite the >>>> executeSignin method in the BasesfGuardAuthActions class? >>>> >>>> ashton >>>> >>>> >>>> >>>> On Thu, Jan 28, 2010 at 6:53 AM, Tom Ptacnik <[email protected]> wrote: >>>> > Create an module with "secure: is_secure: false" in which you can do >>>> > what you want (create a user in sf_guard_user table ...) >>>> >>>> > On 28 led, 02:15, ashton <[email protected]> wrote: >>>> >> I have my external authentication working, but the problem that I am >>>> >> running into is that there needs to be a user in the sfGuardUser table >>>> >> that matches the username submit in the login form, otherwise the >>>> >> login fails. >>>> >>>> >> So when I currently add 'return true;' to the top of the external auth >>>> >> function, I can login with any password, for users that exist in the >>>> >> sf_guard_table, but not with usernames that do not exist. >>>> >>>> >> I was wondering if there was a solution out there (ideally user >>>> >> creation in the sfGuardUser table upon successful external >>>> >> authentication), allowing me to perform my external checks even if the >>>> >> username does not exist in the sf_guard_user table would work too, >>>> >> because then I could just manually create the user if the external >>>> >> auth was successful. >>>> >>>> >> thanks! >>>> >> ashton >>>> >>>> > -- >>>> > You received this message because you are subscribed to the Google >>>> > Groups "symfony users" group. >>>> > To post to this group, send email to [email protected]. >>>> > To unsubscribe from this group, send email to >>>> > [email protected]. >>>> > For more options, visit this group >>>> > athttp://groups.google.com/group/symfony-users?hl=en. >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "symfony users" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/symfony-users?hl=en. >>> >>> >> > -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
