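Fr3d LDAP bundle with Symfony2 and FOS User bundle: Invalid credentials

Time: 2015-06-01 11:40:42

Tags: php symfony

I am trying to authenticate users with the Fr3d LDAP bundle and Symfony2. I am also using the FOSUser bundle. The first authentication works fine and the user is inserted into the database, but with an empty password. The second authentication (after logging out) fails with "Invalid credentials". Can anyone help me?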

security:
    erase_credentials: false

    encoders:
        Ens\LunchBundle\Entity\User: plaintext

    providers:
        chain_provider:
            chain:
                providers: [fos_userbundle, fr3d_ldapbundle]

        fr3d_ldapbundle:
            id: fr3d_ldap.security.user.provider

        fos_userbundle:
            id: fos_user.user_manager

    firewalls:
        main:
            pattern: ^/
            fr3d_ldap: ~
            form_login:
                always_use_default_target_path: true
                default_target_path: /
                provider: chain_provider
            logout: true
            anonymous: true
        default:
            anonymous: ~

Config:

fos_user:
    db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
    firewall_name: main
    user_class: Ens\LunchBundle\Entity\User

fr3d_ldap:
    driver:
        host:                my host
        port:                389    # Optional
#        version:             3
        username:            +++ # Optional
        password:            +++    # Optional
        bindRequiresDn:      false   # Optional
        bindRequiresDn: true
        accountFilterFormat: (&(samaccountname=%s))
#        baseDn: OU=Users,OU=R4S,OU=SVRD-44-B,OU=SPB,OU=RU,OU=Offices,DC=tps,DC=local
#       accountFilterFormat: (&(uid=%s)) # Optional. sprintf format %s will be the username
#       optReferrals:        false  # Optional
#        useSsl:              false   # Enable SSL negotiation. Optional
#       useStartTls:         true   # Enable TLS negotiation. Optional
#        accountCanonicalForm: 3 # ACCTNAME_FORM_BACKSLASH this is only needed if your users have to login with something like HOST\User
#       accountDomainName: HOST
#       accountDomainNameShort: HOST # if you use the Backslash form set both to Hostname than the Username will be converted to HOST\User
    user:
        baseDn: ++++
        filter: (&(ObjectClass=Person))
        attributes:          # Specify ldap attributes mapping [ldap attribute, user object method]

           - { ldap_attr: samaccountname,  user_method: setusername } # Default
           - { ldap_attr: name,  user_method: setUsernameCanonical } # Default
           - { ldap_attr: mail,  user_method: setName } # Default
           - { ldap_attr: mail,  user_method: setEmail }     # Optional

user.php:

namespace Ens\LunchBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FR3D\LdapBundle\Model\LdapUserInterface;

/**
 * @ORM\Entity
 * @ORM\Table(name="user")
 */
class User extends BaseUser implements LdapUserInterface
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    protected $name;

    /** @var  string */
    protected $surname;

    private $dn;

    /**
     * @return string
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * @param string $name
     */
    public function setName($name)
    {
        $this->name = $name;
    }

//    public function setUsername($username){
//        var_dump($username);die;
//    }

    /**
     * @return string
     */
    public function getSurname()
    {
        return $this->surname;
    }

    /**
     * @param string $surname
     */
    public function setSurname($surname)
    {
        $this->surname = $surname;
    }


    public function __construct()
    {
        parent::__construct();
        if (empty($this->roles)) {
            $this->roles[] = 'ROLE_USER';
        }
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set Ldap Distinguished Name.
     *
     * @param string $dn Distinguished Name
     */
    public function setDn($dn)
    {
        $this->dn = $dn;
    }

    /**
     * Get Ldap Distinguished Name.
     *
     * @return string Distinguished Name
     */
    public function getDn()
    {
        return $this->dn;
    }
}

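1 answer:

Answer 0: (score: 1)

I am posting a reply to this old request so that others can find the information if they need it.

The ORM column information in the annotation on $dn is the key. Without it you will see this behavior:
- The user can log in once.
- When the user logs in, their user record is created. Note that the dn field is empty.
- The user can log out.
- At this point the user cannot log in successfully.

In the User class, change the declaration of $dn to include the annotation: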
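
An entity with `$dn` mapped as a Doctrine column, the change the answer above describes. This is an added example, not the answerer's original code; the column type, length and `nullable` setting are assumptions.

```php
<?php
// Added illustration, not code from the original answer.
// Assumed: the Column options (type, length, nullable) on $dn.

namespace Ens\LunchBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FR3D\LdapBundle\Model\LdapUserInterface;

/**
 * @ORM\Entity
 * @ORM\Table(name="user")
 */
class User extends BaseUser implements LdapUserInterface
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * LDAP Distinguished Name.
     *
     * Without the @ORM\Column mapping Doctrine ignores this property:
     * the row is written with no DN, and a user reloaded from the
     * database on the next login returns null from getDn().
     *
     * @ORM\Column(type="string", length=255, nullable=true)
     */
    private $dn;

    public function setDn($dn)
    {
        $this->dn = $dn;
    }

    public function getDn()
    {
        return $this->dn;
    }
}
```

After adding the mapping, the table needs the new column, for example via `php app/console doctrine:schema:update --force` on Symfony2. Rows created before the change still hold no DN.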
