使用Symfony2进行Kerberos身份验证 [英] Kerberos authentication with Symfony2
问题描述
我正在尝试使用Symfony2中的kerberos对用户进行身份验证,但在途中我有些迷茫.
I am trying to authenticate users with kerberos in Symfony2 but I'm a little lost on the way.
用户通过身份验证后,Apache服务器将返回$ _SERVER ['REMOTE_USER']
变量,并提供他的用户名.我可以恢复此值:
When the user is authenticated,the Apache server returns the $ _SERVER ['REMOTE_USER']
variable, giving me his username. I can recover this value :
$request = Request::createFromGlobals();
$user = $request->server->get('REMOTE_USER');
但是如何告诉Symfony仅使用此值对用户进行身份验证?不需要密码.
But how to tell Symfony to authenticate the user just with this value ? No password is required.
我在创建自定义身份验证提供程序还是创建自定义使用提供程序.
请执行此操作的最佳方法是什么?
What is the best way to do this please ?
推荐答案
向安全防火墙添加了基于REMOTE_USER的侦听器
几个Apache安全模块(auth_kerb,auth_cas等)通过名为REMOTE_USER的环境变量提供用户名.因此,Symfony 2.6将基于此变量包括一个新的身份验证侦听器.
Added a REMOTE_USER based listener to security firewalls
Several Apache security modules (auth_kerb, auth_cas, etc.) provide the username via an environment variable called REMOTE_USER. For that reason, Symfony 2.6 will include a new authentication listener based on this variable.
要在应用程序中使用它,只需在安全性配置中定义新的remote_user类型的防火墙:
To use it in your application, simply define a firewall of the new remote_user type in your security configuration:
# app/config/security.yml
security:
firewalls:
secured_area:
pattern: ^/
remote_user:
provider: your_user_provider
来源: http://symfony.com/blog/new-in-symfony-2-6-security-component-improvements
这篇关于使用Symfony2进行Kerberos身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!