CakePHP 3 Ldap认证问题和澄清 [英] CakePHP 3 Ldap authentication issue and clarification

问题描述

我正在开发在我的项目中集成LDAP身份验证。我按照官方CakePHP网站的教程指导如何在应用程序src路径中创建自定义对象，并在AuthController中使用这些自定义对象。

I am working on integrating LDAP authentication in my project. and I followed the tutorial from official CakePHP site that guides through how to create a custom object in application src path and using those custom objects in AuthController.

所以我创建了一个文件夹称为Auth在src与称为LdapAuthorize.php的文件名。路径看起来像这样src / Auth / LdapAuthorize.php

So I created a folder called Auth in src with the file name called LdapAuthorize.php. The path looks like this src/Auth/LdapAuthorize.php

这是我的LdapAuthorize.php代码：

Here is my LdapAuthorize.php code:

namespace App\Auth;

use Cake\Auth\BaseAuthorize;
use Cake\Network\Request;

class LdapAuthorize extends BaseAuthorize {
    public function authorize($user, Request $request) {
        if ($user == 'username') { // where username is logged on ldap user on a computer.
            return true;
        }
    }
}

AppController.php文件。这是我的代码：

I also called the object in AppController.php file. Here is my code:

public function initialize()
{
    parent::initialize();
    $this->loadComponent('Flash');
    $this->loadComponent('Auth', [
        'loginRedirect' => [
            'controller' => 'Customers',
            'action' => 'index'
        ],
        'logoutRedirect' => [
            'controller' => 'Pages',
            'action' => 'display',
            'home'
        ]
    ]);      
    $this->Auth->config('authenticate', [
        'Ldap'
    ]);
}

所以当我访问url http：// localhost / AppPath / Dashboard / index 我得到未找到身份验证适配器Ldap。

So when I access the url http://localhost/AppPath/Dashboard/index I get Authentication adapter "Ldap" was not found.

因为这是我第一次使用CakePHP的经验，所以我找不到很多在线解决方案可以解决任何问题。

Since this is my first experience with CakePHP, I couldn't find that many solution online that help troubleshoot any issues.

为LdapAuthenticate.php添加其他代码：

Adding additional code for LdapAuthenticate.php:

namespace App\Auth;

use Cake\Auth\BaseAuthenticate;
use Cake\Network\Request;
use Cake\Network\Response;

class OpenidAuthenticate extends BaseAuthenticate
{
    public function authenticate(Request $request, Response $response)
    {
        $users = ["john", "ray"];
        return $users;
    }
}

推荐答案

您需要一个自定义验证适配器< a>，则您的Ldap授权是自定义授权适配器：

// in src/Auth/LdapAuthenticate.php

namespace App\Auth;

use Cake\Auth\BaseAuthenticate;
use Cake\Network\Request;
use Cake\Network\Response;

class LdapAuthenticate extends BaseAuthenticate {

    protected $_host = 'your_ldap_server' ;

    public function authenticate(Request $request, Response $response) {
        $username = $request->data['username'] ;
        $password = $request->data['password'] ;
        $ds = @ldap_connect($this->_host) ;
        if (!$ds) {
            throw \Cake\Error\FatalErrorException ('Unable to connect to LDAP host.') ;
        }
        $basedn = "your ldap query... "
        $dn = "uid=$username, ".$basedn;
        $ldapbind = @ldap_bind($ds, $dn, $password);
        if (!$ldapbind) {
            return false ;
        }
        // Do whatever you want with your LDAP connection... 
        $entry = ldap_first_entry ($ldapbind) ;
        $attrs = ldap_get_attributes ($ldapbind, $entry) ;
        $user  = [] ;
        // Loop
        for ($i = 0 ; $i < $attrs["count"] ; $i++) {
            $user[$attrs[$i]] = ldap_values ($ldapbind, $entry, $attrs[$i])[0] ;
        }
        // Then close it and return the authenticated user
        ldap_unbind ($ldapbind) ;
        ldap_close ($ldapbind);
        return $user ;
    }

}

这篇关于CakePHP 3 Ldap认证问题和澄清的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！