2

我是 Symfony2 的新手,正在尝试使用上述捆绑包连接到 ldap;但是我不断收到错误的凭据错误。我无法弄清楚为什么..

我的 Security.yml 文件如下所示:

security:
firewalls:
    restricted_area:
        pattern:          ^/login
        anonymous:        ~
        imag_ldap:
            check_path: login_check
            login_path: login
            csrf_provider: form.csrf_provider
            intention: authenticate
            provider: ldap
        logout:
            path:           /logout
            target:         /

providers:
    ldap:
        id: imag_ldap.security.user.provider

encoders:
    IMAG\LdapBundle\User\LdapUser: plaintext

access_control:
    - { path: ^/login,          roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/,               roles: IS_AUTHENTICATED_FULLY }

imag_ldap:
client:
    host: someip
    port: 389
#    version: 3 # Optional
#    username:  
#    password: 
#    network_timeout:
#    referrals_enabled:
#    bind_username_before:
#    skip_roles:

user:
    base_dn: dc=some, dc=dom, dc=ain
#    filter: null
    name_attribute: uid
#    attributes:

role:
    base_dn: dc=some, dc=dom, dc=ain
#    filter: null #Optional
    name_attribute: cn
    user_attribute: member
#    user_id: [ dn or username ] #Default dn

我的路线如下:

login:
    pattern:              /login
    defaults:             { _controller: IMAGLdapBundle:Default:login }
    requirements:
    _method:            GET

login_check:
    pattern:              /login_check

logout:
    pattern:              /logout

我似乎无法测试它是否真正连接,但是当我尝试去时,http://domain/app_dev.php/check_login我收到以下错误:

Unable to find the controller for path "/login_check". Maybe you forgot to add the matching route in your routing configuration?

我猜我需要添加一条路线/login_check但不确定。如果是这样,我如何调用 ldap 连接?

编辑

好的,我想我需要手握。我已将我的 security.yml 更改为以下内容:

security:
    firewalls:
        login_firewall:
            pattern:    ^/login$
            anonymous:  ~
            imag_ldap:
                check_path: login_check
                login_path: login
                csrf_provider: form.csrf_provider
                intention: authenticate
                provider: ldap
            logout:
                path:           /logout
                target:         /
        restricted_area:
            pattern:          ^/
            #anonymous:        ~ 
    providers:
        ldap:
           id: imag_ldap.security.user.provider

    encoders:
        IMAG\LdapBundle\User\LdapUser: plaintext

    access_control:
        - { path: ^/login,          roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/,               roles: IS_AUTHENTICATED_FULLY }

但现在我收到以下错误: LogicException: No authentication listener registered for firewall "restricted_area".

所以我尝试了以下方法:

security:
    firewalls:
        login_firewall:
            pattern:    ^/login$
            anonymous:  ~
            imag_ldap:
                check_path: login_check
                login_path: login
                csrf_provider: form.csrf_provider
                intention: authenticate
                provider: ldap
            logout:
                path:           /logout
                target:         /
        restricted_area:
            pattern:          ^/
            #anonymous:        ~ 
            imag_ldap:
                check_path: login_check
                login_path: login
                csrf_provider: form.csrf_provider
                intention: authenticate
                provider: ldap
            logout:
                path:           /logout
                target:         /

但这会导致重定向循环。

编辑 2 正如评论中提到的,第二部分是一个单独的问题,可以在这里找到:Symfony 2 Security.yml redirect loop and LogicException issues

4

1 回答 1

1

您还需要放在login_check防火墙后面:

firewalls:
    restricted_area:
        pattern: ^/
        #anonymous: ~
    login_firewall:
            pattern:    ^/login$
            anonymous:  ~

顺便说一句,这是“避免常见陷阱”部分中列出的常见陷阱。

有类似的东西可以帮助

于 2013-04-23T03:05:54.010 回答