author | Tobias Schultze <webmaster@tubo-world.de> | 2015-09-29 16:08:28 +0200 |
---|---|---|
committer | Tobias Schultze <webmaster@tubo-world.de> | 2015-09-29 16:08:28 +0200 |
commit | 493704bf17328063a6e566d912e6e063d4c60f8b (patch) | |
tree | 16e3cfaffcb041445478540434fd4e5be0b3eccc /Core/Authentication | |
parent | 16223cbf326eee2a9fff59f765c218ff028e9330 (diff) | |
parent | 889a989997c4b038fb4e354e57e35ede82370581 (diff) | |
Merge branch '2.8'
Conflicts:
composer.json
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Console/Descriptor/TextDescriptor.php
src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Component/ClassLoader/ApcUniversalClassLoader.php
src/Symfony/Component/ClassLoader/DebugClassLoader.php
src/Symfony/Component/ClassLoader/UniversalClassLoader.php
src/Symfony/Component/Console/Input/StringInput.php
src/Symfony/Component/Debug/DebugClassLoader.php
src/Symfony/Component/DependencyInjection/Container.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/DependencyInjection/ContainerInterface.php
src/Symfony/Component/DependencyInjection/Definition.php
src/Symfony/Component/DependencyInjection/DefinitionDecorator.php
src/Symfony/Component/DependencyInjection/Scope.php
src/Symfony/Component/DependencyInjection/ScopeInterface.php
src/Symfony/Component/DomCrawler/composer.json
src/Symfony/Component/EventDispatcher/Event.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/KernelInterface.php
src/Symfony/Component/HttpKernel/Log/LoggerInterface.php
src/Symfony/Component/HttpKernel/Log/NullLogger.php
src/Symfony/Component/Security/Core/composer.json
src/Symfony/Component/Security/Resources/translations/security.tr.xlf
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Translation/Translator.php
Diffstat (limited to 'Core/Authentication')
-rw-r--r-- | Core/Authentication/Provider/LdapBindAuthenticationProvider.php | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/Core/Authentication/Provider/LdapBindAuthenticationProvider.php b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
new file mode 100644
index 0000000..fab7d80
--- /dev/null
+++ b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
@@ -0,0 +1,85 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Authentication\Provider;
+
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Ldap\LdapClientInterface;
+use Symfony\Component\Ldap\Exception\ConnectionException;
+
+/**
+ * LdapBindAuthenticationProvider authenticates a user against an LDAP server.
+ *
+ * The only way to check user credentials is to try to connect the user with its
+ * credentials to the ldap.
+ *
+ * @author Charles Sarrazin <charles@sarraz.in>
+ */
+class LdapBindAuthenticationProvider extends UserAuthenticationProvider
+{
+ private $userProvider;
+ private $ldap;
+ private $dnString;
+
+ /**
+ * Constructor.
+ *
+ * @param UserProviderInterface $userProvider A UserProvider
+ * @param UserCheckerInterface $userChecker A UserChecker
+ * @param string $providerKey The provider key
+ * @param LdapClientInterface $ldap An Ldap client
+ * @param string $dnString A string used to create the bind DN
+ * @param bool $hideUserNotFoundExceptions Whether to hide user not found exception or not
+ */
+ public function __construct(UserProviderInterface $userProvider, UserCheckerInterface $userChecker, $providerKey, LdapClientInterface $ldap, $dnString = '{username}', $hideUserNotFoundExceptions = true)
+ {
+ parent::__construct($userChecker, $providerKey, $hideUserNotFoundExceptions);
+
+ $this->userProvider = $userProvider;
+ $this->ldap = $ldap;
+ $this->dnString = $dnString;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function retrieveUser($username, UsernamePasswordToken $token)
+ {
+ if ('NONE_PROVIDED' === $username) {
+ throw new UsernameNotFoundException('Username can not be null');
+ }
+
+ return $this->userProvider->loadUserByUsername($username);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
+ {
+ $username = $token->getUsername();
+ $password = $token->getCredentials();
+
+ try {
+ $username = $this->ldap->escape($username, '', LdapClientInterface::LDAP_ESCAPE_DN);
+ $dn = str_replace('{username}', $username, $this->dnString);
+
+ $this->ldap->bind($dn, $password);
+ } catch (ConnectionException $e) {
+ throw new BadCredentialsException('The presented password is invalid.');
+ }
+ }
+}
 |
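Review bot: `checkAuthentication()` hands `$token->getCredentials()` to `$this->ldap->bind($dn, $password)` without first rejecting an empty password. Many directory servers treat a simple bind with a DN and an empty password as an "unauthenticated bind" (RFC 4513 §5.1.2) and report success, so depending on server configuration a blank password could pass this check for any username the user provider resolves. Add a guard before the `try` block, for example `if ('' === (string) $password) { throw new BadCredentialsException('The presented password must not be empty.'); }`. The method docblock is only `{@inheritdoc}`; it should say that the `$user` argument is not consulted and that the outcome of the bind is the sole credential check, so deployers know the directory's bind policy is part of the trust boundary.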