我看过这个文档,但它没有帮助我:http://symfony.com/doc/2.8/cookbook/security/ldap.html
我有一个问题,我无法与任何用户登录.
日志文件旧:
[2016-07-06 16:56:11] request.INFO: Matched route "company_threesoccer_default_soccerfacebook". {"route_parameters":{"_controller":"company\\ThreeSoccerBundle\\Controller\\DefaultController::soccerFacebookAction","_route":"company_threesoccer_default_soccerfacebook"},"request_uri":"http://iadevelopment.instance/app_dev.php/three/soccer/facebook"} []
[2016-07-06 16:56:11] php.INFO: The Symfony\Component\Ldap\LdapClient class is deprecated since version 3.1 and will be removed in 4.0. Use the Ldap class directly instead. {"type":16384,"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/ldap/LdapClient.php","line":14,"level":28928,"stack":[{"function":"handleError","class":"Symfony\\Component\\Debug\\ErrorHandler","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/ldap/LdapClient.php","line":14,"function":"trigger_error"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/Debug/DebugClassLoader.php","line":169,"args":["/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/ldap/LdapClient.php"],"function":"require_once"},{"function":"loadClass","class":"Symfony\\Component\\Debug\\DebugClassLoader","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/appDevDebugProjectContainer.php","line":1592,"function":"spl_autoload_call"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":314,"function":"getLdapService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/appDevDebugProjectContainer.php","line":3639,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":314,"function":"getSecurity_Authentication_ManagerService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/appDevDebugProjectContainer.php","line":2133,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":314,"function":"getSecurity_Firewall_Map_Context_MainService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/classes.php","line":2944,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/classes.php","line":2586,"function":"getListeners","class":"Symfony\\Bundle\\SecurityBundle\\Security\\FirewallMap","type":"->"},{"function":"onKernelRequest","class":"Symfony\\Component\\Security\\Http\\Firewall","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php","line":61,"function":"call_user_func"},{"function":"__invoke","class":"Symfony\\Component\\EventDispatcher\\Debug\\WrappedListener","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/classes.php","line":1858,"function":"call_user_func"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/app/cache/dev/classes.php","line":1773,"function":"doDispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php","line":140,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":125,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\Debug\\TraceableEventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":64,"function":"handleRaw","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/DependencyInjection/ContainerAwareHttpKernel.php","line":69,"function":"handle","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php","line":193,"function":"handle","class":"Symfony\\Component\\HttpKernel\\DependencyInjection\\ContainerAwareHttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/IA_Development_Instance/web/app_dev.php","line":30,"function":"handle","class":"Symfony\\Component\\HttpKernel\\Kernel","type":"->"}]} []
[2016-07-06 16:56:11] security.INFO: Basic authentication Authorization header found for user. {"username":"rov"} []
[2016-07-06 16:56:11] security.INFO: Basic authentication failed for user. {"username":"rov","exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at /Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php:73, Symfony\\Component\\Security\\Core\\Exception\\UsernameNotFoundException(code: 0): Username \"rov\" does not exist. at /Applications/MAMP/htdocs/IA_Development_Instance/vendor/symfony/symfony/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php:109)"} []
日志文件已更新:
[2016-07-07 15:33:13] request.INFO: Matched route "{route}". {"route":"homepage","route_parameters":{"_controller":"AppBundle\\Controller\\DefaultController::testAction","_route":"homepage"},"request_uri":"http://ldap.test/app_dev.php/test","method":"GET"} []
[2016-07-07 15:33:13] php.INFO: The Symfony\Component\Ldap\LdapClient class is deprecated since version 3.1 and will be removed in 4.0. Use the Ldap class directly instead. {"type":16384,"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php","line":14,"level":28928,"stack":[{"function":"handleError","class":"Symfony\\Component\\Debug\\ErrorHandler","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php","line":14,"function":"trigger_error"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Debug/DebugClassLoader.php","line":142,"args":["/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php"],"function":"require_once"},{"function":"loadClass","class":"Symfony\\Component\\Debug\\DebugClassLoader","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":1659,"function":"spl_autoload_call"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getLdapService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":3549,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_User_Provider_Concrete_MyLdapService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":3477,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_Authentication_ManagerService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":2164,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_Firewall_Map_Context_MainService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":3353,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":3019,"function":"getListeners","class":"Symfony\\Bundle\\SecurityBundle\\Security\\FirewallMap","type":"->"},{"function":"onKernelRequest","class":"Symfony\\Component\\Security\\Http\\Firewall","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php","line":61,"function":"call_user_func"},{"function":"__invoke","class":"Symfony\\Component\\EventDispatcher\\Debug\\WrappedListener","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":2144,"function":"call_user_func"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":2059,"function":"doDispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php","line":136,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":129,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\Debug\\TraceableEventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":68,"function":"handleRaw","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php","line":177,"function":"handle","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/web/app_dev.php","line":30,"function":"handle","class":"Symfony\\Component\\HttpKernel\\Kernel","type":"->"}]} []
[2016-07-07 15:33:13] security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationCredentialsNotFoundException(code: 0): A Token was not found in the TokenStorage. at /Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php:53)"} []
[2016-07-07 15:33:13] security.DEBUG: Calling Authentication entry point. [] []
[2016-07-07 15:33:20] request.INFO: Matched route "{route}". {"route":"homepage","route_parameters":{"_controller":"AppBundle\\Controller\\DefaultController::testAction","_route":"homepage"},"request_uri":"http://ldap.test/app_dev.php/test","method":"GET"} []
[2016-07-07 15:33:20] php.INFO: The Symfony\Component\Ldap\LdapClient class is deprecated since version 3.1 and will be removed in 4.0. Use the Ldap class directly instead. {"type":16384,"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php","line":14,"level":28928,"stack":[{"function":"handleError","class":"Symfony\\Component\\Debug\\ErrorHandler","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php","line":14,"function":"trigger_error"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Debug/DebugClassLoader.php","line":142,"args":["/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/LdapClient.php"],"function":"require_once"},{"function":"loadClass","class":"Symfony\\Component\\Debug\\DebugClassLoader","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":1659,"function":"spl_autoload_call"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getLdapService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":3549,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_User_Provider_Concrete_MyLdapService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":3477,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_Authentication_ManagerService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/appDevDebugProjectContainer.php","line":2164,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/DependencyInjection/Container.php","line":275,"function":"getSecurity_Firewall_Map_Context_MainService","class":"appDevDebugProjectContainer","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":3353,"function":"get","class":"Symfony\\Component\\DependencyInjection\\Container","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":3019,"function":"getListeners","class":"Symfony\\Bundle\\SecurityBundle\\Security\\FirewallMap","type":"->"},{"function":"onKernelRequest","class":"Symfony\\Component\\Security\\Http\\Firewall","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php","line":61,"function":"call_user_func"},{"function":"__invoke","class":"Symfony\\Component\\EventDispatcher\\Debug\\WrappedListener","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":2144,"function":"call_user_func"},{"file":"/Applications/MAMP/htdocs/ldapTest/var/cache/dev/classes.php","line":2059,"function":"doDispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php","line":136,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":129,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\Debug\\TraceableEventDispatcher","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php","line":68,"function":"handleRaw","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php","line":177,"function":"handle","class":"Symfony\\Component\\HttpKernel\\HttpKernel","type":"->"},{"file":"/Applications/MAMP/htdocs/ldapTest/web/app_dev.php","line":30,"function":"handle","class":"Symfony\\Component\\HttpKernel\\Kernel","type":"->"}]} []
[2016-07-07 15:33:20] security.INFO: Basic authentication Authorization header found for user. {"username":"rov"} []
[2016-07-07 15:33:20] php.DEBUG: ldap_bind(): Unable to bind to server: Invalid credentials {"type":2,"file":"/Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php","line":53,"level":28928} []
[2016-07-07 15:33:20] security.INFO: Basic authentication failed for user. {"username":"rov","exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at /Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php:73, Symfony\\Component\\Security\\Core\\Exception\\UsernameNotFoundException(code: 0): User \"rov\" not found. at /Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Security/Core/User/LdapUserProvider.php:69, Symfony\\Component\\Ldap\\Exception\\ConnectionException(code: 0): Invalid credentials at /Applications/MAMP/htdocs/ldapTest/vendor/symfony/symfony/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php:54)"} []
security.yml代码旧:
providers:
in_memory:
memory: ~
my_ldap:
ldap:
service: ldap
base_dn: DC=company,DC=de
search_dn: "cn=Users, DC=company,DC=de"
search_password: MyBestPasswordEver
default_roles: ROLE_USER
uid_key: sAMAccountName
firewalls:
main:
http_basic_ldap:
service: ldap
dn_string: 'sAMAccountName={username},DC=company,DC=de'
security.yml代码已更新:
providers:
# in_memory:
# memory: ~
my_ldap:
ldap:
service: ldap
base_dn: DC=company,DC=de
search_dn: "cn=symfony, DC=company,DC=de" # symfony is a user in ldap
search_password: MyBestPasswordEver
default_roles: ROLE_USER
uid_key: sAMAccountName
firewalls:
main:
http_basic_ldap:
provider: my_ldap
service: ldap
dn_string: "{username}"
# dn_string: "sAMAccountname={username},DC=company,DC=de, cn=Users"
services.yml代码旧:
services:
ldap:
class: 'Symfony\Component\Ldap\LdapClient'
arguments:
- ldaps://adc1.company.de # host
- 389 # port
- 3 # version
- true # SSL
- false # TLS
services.ymlcode已更新:
services:
ldap:
class: 'Symfony\Component\Ldap\LdapClient'
arguments:
- adc1.company.de # host
# - 636 # port, without ssl 389, with 636
# - 2 # version
# - true # SSL
# - false # TLS
我究竟做错了什么?有没有我错过的东西?
我也安装了
"symfony/ldap": "^3.1"
最好的祝福
解决方法:
您应该能够将dn_string更改为{username}.您还将其设置为LDAP用户提供程序:
firewalls:
main:
http_basic_ldap:
provider: my_ldap
service: ldap
dn_string: "{username}"
这实际上是dn_string的默认值,所以从技术上讲,你可以完全放弃它.
编辑:
此外,您的search_dn:“cn = Users,DC = company,DC = de”需要是用户的DN.现在它指向用户的容器.它应该是执行搜索用户所需的LDAP查询的用户的完整DN.