NotificationsYou must be signed in to change notification settings
Fork9.6k
Star30.4k

[Ldap] Allow to use ldap in a chain provider#51231

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Jump to bottom

Open

l-vo wants to merge1 commit intosymfony:7.4

base:7.4

Choose a base branch

froml-vo:userprovider_chain_with_ldap

Open

[Ldap] Allow to use ldap in a chain provider#51231

l-vo wants to merge1 commit intosymfony:7.4froml-vo:userprovider_chain_with_ldap

Conversation

Copy link

Contributor

l-vo commentedAug 2, 2023•
edited
Loading

Q	A
Branch?	6.4
Bug fix?	no
New feature?	yes
Deprecations?	yes
Tickets	#41892
License	MIT
Doc PR

This PR allows to fix that theLdapUserProvider that not work properly when used in theChainProvider.

This fix relies on two ideas:

TheLdapBadge is not a badge that must be resolved, it's only used to carry Ldap data
Allow to preventCheckLdapCredentialsListener to check against the ldap directory the password for a non-ldap user using a new#[WithLdapPassword] attribute

l-vo requested review fromwouterj andchalasr ascode owners

August 2, 2023 14:51

carsonbot added Status: Needs Review Bug labels

Aug 2, 2023

carsonbot added this to the5.4 milestone

Aug 2, 2023

l-vo force-pushed theuserprovider_chain_with_ldap branch 5 times, most recently fromc63cdc0 toee6ec00Compare

August 2, 2023 15:19

nicolas-grekas reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/HttpFoundation/IpUtils.php OutdatedShow resolvedHide resolved

nicolas-grekas reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/Ldap/Security/LdapBadge.php OutdatedShow resolvedHide resolved

nicolas-grekas reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/Ldap/Security/LdapBadge.php OutdatedShow resolvedHide resolved

nicolas-grekas added the Ldap label

Aug 4, 2023

carsonbot changed the title~~Allow to use ldap in a chain provider~~[Ldap] Allow to use ldap in a chain provider

Aug 4, 2023

nicolas-grekas modified the milestones:5.4,6.4

Aug 4, 2023

l-vo force-pushed theuserprovider_chain_with_ldap branch 2 times, most recently fromc1a964d to731dcd3Compare

August 4, 2023 08:08

l-vo requested review fromlyrixx,yceruto,dunglas,OskarStark andxabbuh ascode owners

August 4, 2023 08:08

derrabus changed the base branch from5.4 to6.4

August 4, 2023 08:12

derrabus removed request fordunglas,lyrixx,wouterj,OskarStark andxabbuh

August 4, 2023 08:12

derrabus removed request foryceruto andchalasr

August 4, 2023 08:12

derrabus added the Deprecation label

Aug 4, 2023

OskarStark reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/Ldap/Security/LdapBadge.php OutdatedShow resolvedHide resolved

OskarStark reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/Ldap/Security/LdapBadge.php OutdatedShow resolvedHide resolved

l-vo force-pushed theuserprovider_chain_with_ldap branch 3 times, most recently fromfa50a1e tocbe2c95Compare

August 4, 2023 09:05

vtsykun reviewed

Aug 4, 2023

View reviewed changes

src/Symfony/Component/Ldap/Security/CheckLdapCredentialsListener.php OutdatedShow resolvedHide resolved

l-vo force-pushed theuserprovider_chain_with_ldap branch 3 times, most recently from2120810 to726db70Compare

August 8, 2023 11:32

Allow to use ldap in a chain provider

8dbeb60

l-vo force-pushed theuserprovider_chain_with_ldap branch from726db70 to8dbeb60Compare

August 8, 2023 12:51

nicolas-grekas modified the milestones:6.4,7.1

Nov 15, 2023

Copy link

Member

chalasr commentedMar 29, 2025

This looks like a feature

Copy link

ContributorAuthor

@chalasr I don't know if it's really a feature, it worked with the Guard system and the feature has seamlessly disappeared with the replacement of Guard by Authenticators (and there was no announcement that the feature was not supported with Authenticators).

stof reviewed

Apr 2, 2025

View reviewed changes

Copy link

Member

stof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I'm not sure the configuration described in the linked issue (using the same check_path forform_login andform_login_ldap) actually makes sense (and so whether this solution is valid as solution for that use case anyway)