使用Symfony2进行Kerberos身份验证 [英] Kerberos authentication with Symfony2

问题描述

我正在尝试使用Symfony2中的kerberos对用户进行身份验证，但在途中我有些迷茫.

I am trying to authenticate users with kerberos in Symfony2 but I'm a little lost on the way.

用户通过身份验证后，Apache服务器将返回$ _SERVER ['REMOTE_USER']变量，并提供他的用户名.我可以恢复此值:

When the user is authenticated,the Apache server returns the $ _SERVER ['REMOTE_USER'] variable, giving me his username. I can recover this value :

$request = Request::createFromGlobals();
$user = $request->server->get('REMOTE_USER');

但是如何告诉Symfony仅使用此值对用户进行身份验证?不需要密码.

But how to tell Symfony to authenticate the user just with this value ? No password is required.

我在创建自定义身份验证提供程序还是创建自定义使用提供程序.

请执行此操作的最佳方法是什么?

What is the best way to do this please ?

推荐答案

向安全防火墙添加了基于REMOTE_USER的侦听器

几个Apache安全模块(auth_kerb，auth_cas等)通过名为REMOTE_USER的环境变量提供用户名.因此，Symfony 2.6将基于此变量包括一个新的身份验证侦听器.

Added a REMOTE_USER based listener to security firewalls

Several Apache security modules (auth_kerb, auth_cas, etc.) provide the username via an environment variable called REMOTE_USER. For that reason, Symfony 2.6 will include a new authentication listener based on this variable.

要在应用程序中使用它，只需在安全性配置中定义新的remote_user类型的防火墙:

To use it in your application, simply define a firewall of the new remote_user type in your security configuration:

# app/config/security.yml
security:
    firewalls:
        secured_area:
            pattern: ^/
            remote_user:
                provider: your_user_provider

来源: http://symfony.com/blog/new-in-symfony-2-6-security-component-improvements

这篇关于使用Symfony2进行Kerberos身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！