请帮助我使用 Laravel4 进行 LDAP 身份验证。
我下面的配置总是返回false
我的 auth.php 是这样的:
<?php
return array(
/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This driver manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/
//'driver' => 'eloquent',
'driver' => 'ldap',
/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
'username_field' => 'username',
'model' => 'User',
/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/
'table' => 'users',
/*
|--------------------------------------------------------------------------
| Password Reminder Settings
|--------------------------------------------------------------------------
|
| Here you may set the settings for password reminders, including a view
| that should be used as your password reminder e-mail. You will also
| be able to set the name of the table that holds the reset tokens.
|
| The "expire" time is the number of minutes that the reminder should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'reminder' => array(
'email' => 'emails.auth.reminder',
'table' => 'password_reminders',
'expire' => 60,
),
);
和我的 app/config/adldap.php 是这样的:
<?php
return array(
'account_suffix' => "@pusat.corp.pln.co.id",
'domain_controllers' => array("dc01.pusat.corp.pln.co.id","pusat.corp.pln.co.id"), // An array of domains may be provided for load balancing.
'base_dn' => 'DC=pusat','DC=corp','DC=pln','DC=co','DC=id',
'real_primary_group' => true, // Returns the primary group (an educated guess).
'use_ssl' => false, // If TLS is true this MUST be false.
'use_tls' => false, // If SSL is true this MUST be false.
'recursive_groups' => true,
);
在 routes.php 中
Route::post('login', function () {
$passhash = Input::get('password');
$credentials = array(
'username' => Input::get('username'),
'password' => Input::get('password')
);
if ($a = Auth::attempt($credentials))
return '<pre>' . print_r(Auth::user(), true);
else
dd($a);
});
最佳答案
Laravel 4 的核心没有内置 LDAP 身份验证。所以这是一种将其添加到您的应用程序的快速而肮脏的方法。它使用内部 LDAP PHP 函数,因此您需要安装 php5-ldap
包:
你的 app/conf/auth.php 的配置:
'ldap_tree' => 'OU=anything,DC=domain,DC=com',
'ldap_server' => 'your.ldap.server.com',
这是您的 Controller 要使用的 LDAP 类:
class LDAP {
public static function authenticate($username, $password)
{
if(empty($username) or empty($password))
{
Log::error('Error binding to LDAP: username or password empty');
return false;
}
$ldapRdn = static::getLdapRdn($username);
$ldapconn = ldap_connect( Config::get('auth.ldap_server') ) or die("Could not connect to LDAP server.");
$result = false;
if ($ldapconn)
{
$ldapbind = @ldap_bind($ldapconn, $ldapRdn, $password);
if ($ldapbind)
{
$result = true;
} else {
Log::error('Error binding to LDAP server.');
}
ldap_unbind($ldapconn);
} else {
Log::error('Error connecting to LDAP.');
}
return $result;
}
public static function getLdapRdn($username)
{
return str_replace('[username]', $username, 'CN=[username],' . Config::get('auth.ldap_tree'));
}
}
还有一个 AuthController 来处理您应用上的登录:
class AuthController extends Controller {
public function __construct(LDAP $ldap)
{
$this->ldap = $ldap;
}
public function login()
{
if ( $this->ldap->authenticate( Input::get('email'), Input::get('password') ) )
{
$user = User::where('email', Input::get('email'))->first();
Auth::login( $user );
return Redirect::to('home');
}
return Redirect::refresh()->with('error', 'User and/or password are incorrect.');
}
public function logout()
{
if ( ! Auth::guest())
{
Auth::logout();
return Redirect::to('message')
->with('message', 'You just logged out.');
}
return Redirect::to('login');
}
}
请注意,此 Controller 正在为 LDAP 类使用依赖注入(inject),它将由 Laravel 自动注入(inject)。
关于php - 使用 Laravel4 进行 LDAP 身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20115407/