eZ Community » Forums » eZ Publish 5 Platform » LDAP-login frontend with FR3DLdapBundle
expandshrink

LDAP-login frontend with FR3DLdapBundle

LDAP-login frontend with FR3DLdapBundle

Tuesday 12 May 2015 2:55:09 pm - 5 replies

Is there anyone who has managed to get this to work?

I think my problem is the settings, but Im not sure what to put in them. Need help, asap blunk.gif Emoticon

  • Related forum topics

Tuesday 12 May 2015 3:09:06 pm

I guess you have followed this link? https://doc.ez.no/display/EZP/How+to+authenticate+a+user+with+multiple+user+providers

I have something similiar in an already published site. Say similar because in my case is a webservice the one who control access, but the idea and the implementation should be quite similar. 

Tuesday 12 May 2015 3:29:04 pm

Yes, the link has been followed blunk.gif Emoticon

My problem I guess is this settings:

#   service:
#       user_manager: fos_user.user_manager          # Overrides default user manager
#       ldap_manager: fr3d_ldap.ldap_manager.default # Overrides default ldap manager

What is the user_manager for eZ Publish=

Tuesday 12 May 2015 8:13:03 pm

Hi Anders,

We did some LDAP work a few weeks ago, allthough I believe we did it with a different bundle (and with the need of heavy customization). I'll ping my coworker who worked on this project and see if he has the time to elaborate.

Tuesday 12 May 2015 8:45:44 pm

Hey, Anders

Nice meeting you in Croatia.

I'm the man implementing the LDAP solution. The user provider for eZ Publish is:

ezpublish:
    id: ezpublish.security.user_provider

It looks like you are trying to override the default eZ Publish user manager service. Instead of doing that, you should look at chained providers to get what you want. This should be configured in security.yml and look along the lines of:

providers: 
    multiples: 
        chain: 
            providers: [ ezpublish, fr3d_ldapbundle]
fr3d_ldapbundle: 
    id: fr3d_ldap.security.user.provider 
ezpublish:
    id: ezpublish.security.user_provider

Good luck, Anders.

Modified on Tuesday 12 May 2015 8:49:15 pm by Thomas Maurstad Larsson

Tuesday 12 May 2015 9:19:03 pm

Hi guys!

Thanks for your effort! I have now solved my problem, and here is my solution:

  1. Remove FRE3DLdapBundle
  2. Install BorisMorel/LdapBundle
  3. Make a InteractiveLoginListener

InteractiveLoginListener:

 public function onInteractiveLogin( InteractiveLoginEvent $event )
    {
        // We just load a generic user and assign it back to the event.
        // You may want to create users here, or even load predefined users depending on your own rules.
        $user = $event->getAuthenticationToken()->getUser();
        $username = $user->getUsername();
    
        $event->setApiUser( $this->userService->loadUserByLogin($username ) );
    }

Followin in security.yml

security:
    providers:
        ezpublish:
            id: ezpublish.security.user_provider
        ldap:
            id: imag_ldap.security.user.provider
        multiple:
            chain:
                providers: [ldap,ezpublish]
    encoders:
        IMAG\LdapBundle\User\LdapUser: plaintext
    firewalls:
        ezpublish_front:
            pattern: ^/
            anonymous: ~
            form_login:
                require_previous_session: false
            logout: ~
            imag_ldap:
                provider: multiple
imag_ldap:
    client: 
        host: ldaps://myurl
        port: myport
        version: 3
        username: cn=cn,o=o
        password: mypassword
        skip_roles: true
     user:
        base_dn: mybasedn
        name_attribute: uid
expandshrink

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from