Re: [symfony-users] ldap authentication

Fri, 21 May 2010 02:01:01 -0700 

Hi,

There is a very simple way :

Install the ldap library for php (in Debian, this is php5-ldap)

in /apps/myapp/config/app.yml :

all:
  sf_guard_plugin:
    check_password_callable: [check, checkPassword]

This is by-passing the default sfGuardPlugin password checking
methode. Here, "check" is the name of a class and "checkPassword" the
name of a methode.
In /apps/myapp/lib/, create check.class.php :

<?php

class check
{
  public static function checkPassword($username, $password)
  {
    /* This is just to still have a valid user if the ldap server is down */
    if(!strcmp("$username", "admin") && !strcmp("$password", "foo"))
    {
      return true;
    }
    else
    {
      $host = "ldap://192.168.1.1";;
      $username = $username."@mydomain.com";
      $ldapconn = ldap_connect($host);
      if ($ldapconn)
      {
        $ldapbind = @ldap_bind($ldapconn, $username, $password);
        if ($ldapbind)
        {
          ldap_unbind($ldapconn);
          return true;
        }
        else
        {
          return false;
        }
      }
      else
      {
        return false;
      }
    }
  }
}
?>

That's all !

You may not want the "admin" user if your application will be
accessible from the internet. I put it since my application will work
in an enterprise network only and this will not be very dangerous to
have this. And my application is still in development : I will improve
the security level of the admin user later.

I hope this will help.

Cheers.

Luc Didry

2010/5/21 mirfan <[email protected]>:
> Hi,
>
> I want my application to be authenticated with ldap i have no idea how
> i will do that and i am also fresh to symfony, one more thing is that
> i have installed and enabled sfGuard plugin but its is not working.
>
> Please help me.
>
> --
> If you want to report a vulnerability issue on symfony, please send it to 
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>

-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en

Reply via email to