Symfony 3.4覆盖内置LdapUserProvider中的单个方法

I'm trying to grant roles to a user according to their LDAP dn when they log in through the LDAP. To do that, I'd like to override the loadUser method from Symfony\Component\Security\Core\User\LdapUserProvider, but I don't really know how to proceed as, if I understand correctly (I'm quite new at using Symfony :p), it's not a service, but part of one? So, is there a way to override that method easily, or do I need to redefine the whole Ldap service?

What I've tried is:

// app/config/services.yml
[...]
Symfony\Component\Ldap\Ldap:
    arguments: ['@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter']
Symfony\Component\Security\Core\User\LdapUserProvider:
    class: AppBundle\Services\LdapUserProvider
Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
    arguments:
        - host: '%ldap_host%'
          port: '%ldap_port%'

// src/Services/LdapUserProvider.php
namespace AppBundle\Services;

use Symfony\Component\Ldap\Entry;

class LdapUserProvider extends \Symfony\Component\Security\Core\User\LdapUserProvider {
    protected function loadUser($username, Entry $entry)
    {
        $password = null;

        if (null !== $this->passwordAttribute) {
            $password = $this->getAttributeValue($entry, $this->passwordAttribute);
        }

        return new User($username, $password, array('ROLE_TEST'));
    }
}

But of course it doesn't work and I don't get the ROLE_TEST role.

Thanks by advance!

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

donglan6777 2019-03-15 14:51

关注

You can use this tutorial:

https://medium.com/@devstan/extended-ldap-with-symfony-3-30be6f1a36b1

and you should create a LdapUser class that implements UserInterface

1.LDAP user provider

<?php
namespace YourAppBundle\Security\User;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Ldap\Entry;
use Symfony\Component\Security\Core\User\LdapUserProvider as BaseLdapUserProvider;
class LdapUserProvider extends BaseLdapUserProvider
{
    /**
     * {@inheritdoc}
     */
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof LdapUser) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }
        return new LdapUser($user->getUsername(), null, $user->getRoles(), $user->getLdapEntry());
    }
    /**
     * {@inheritdoc}
     */
    public function supportsClass($class)
    {
        return $class === 'YourAppBundle\Security\User\LdapUser';
    }
    /**
     * {@inheritdoc}
     */
    protected function loadUser($username, Entry $entry)
    {
        $user = parent::loadUser($username, $entry);
        return new LdapUser($username, $user->getPassword(), $user->getRoles(), $entry);
    }
}

2.LDAP user

    <?php
    namespace YourAppBundle\Security\User;
    use Symfony\Component\Security\Core\User\UserInterface;
    use Symfony\Component\Ldap\Entry;
    class LdapUser implements UserInterface
    {
        const LDAP_KEY_DISPLAY_NAME = 'displayName';
        const LDAP_KEY_MAIL = 'mail';
        protected $username;
        protected $password;
        protected $roles;
        protected $ldapEntry;
        protected $displayName;
        protected $eMail;
        public function __construct($username, $password, array $roles, Entry $ldapEntry)
        {
            if ('' === $username || null === $username) {
                throw new \InvalidArgumentException('The username cannot be empty.');
            }
            $this->username    = $username;
            $this->password    = $password;
            $this->roles       = $roles;
            $this->ldapEntry   = $ldapEntry;
            $this->displayName = $this->extractSingleValueByKeyFromEntry(
                $ldapEntry,
                self::LDAP_KEY_DISPLAY_NAME,
                $username
            );
            $this->eMail       = $this->extractSingleValueByKeyFromEntry($ldapEntry, self::LDAP_KEY_MAIL);
        }
        public function __toString()
        {
            return (string) $this->getUsername();
        }
        public function getDisplayName()
        {
            return $this->displayName;
        }
        /**
         * @return Entry
         */
        public function getLdapEntry()
        {
            return $this->ldapEntry;
        }
        /**
         * {@inheritdoc}
         */
        public function getRoles()
        {
            return $this->roles;
        }
        /**
         * {@inheritdoc}
         */
        public function getPassword()
        {
            return $this->password;
        }
        /**
         * {@inheritdoc}
         */
        public function getSalt()
        {
        }
        /**
         * {@inheritdoc}
         */
        public function getUsername()
        {
            return $this->username;
        }
        /**
         * {@inheritdoc}
         */
        public function eraseCredentials()
        {
        }
        /**
         * Extracts single value from entry's array value by key.
         *
         * @param Entry       $entry        Ldap entry
         * @param string      $key          Key
         * @param null|string $defaultValue Default value
         *
         * @return string|null
         */
        protected function extractSingleValueByKeyFromEntry(Entry $entry, $key, $defaultValue = null)
        {
            $value = $this->extractFromLdapEntry($entry, $key, $defaultValue);
            return is_array($value) && isset($value[0]) ? $value[0] : $defaultValue;
        }
        /**
         * Extracts value from entry by key.
         *
         * @param Entry  $entry        Ldap entry
         * @param string $key          Key
         * @param mixed  $defaultValue Default value
         *
         * @return array|mixed
         */
        protected function extractFromLdapEntry(Entry $entry, $key, $defaultValue = null)
        {
            if (!$entry->hasAttribute($key)) {
                return $defaultValue;
            }
            return $entry->getAttribute($key);
        }
    }

3.Services.yml

we need to define our newly created ldap user provider service

    services:

        ...
    app.ldap:
            class: Symfony\Component\Ldap\Ldap
            factory: ['Symfony\Component\Ldap\Ldap', 'create']
            arguments:
                - 'ext_ldap'
                - host: '%ldap_host%'
    app.ext_ldap_user_provider:
                class: YourAppBundle\Security\User\LdapUserProvider
                arguments:
                    - '@app.ldap'               # LDAP component instance
                    - '%ldap_base_dn%'          # Base dn
                    - '%ldap_search_dn%'        # Search dn
                    - '%ldap_search_password%'  # Search user password
                    - ['ROLE_SUPER_ADMIN']      # Roles
                    - '%ldap_uid_key%'          # LDAP uid key
                    - '%ldap_filter%'           # filter

4.Security.yml

Here is just an example usage of our provider — the “/ui” will be secured with LDAP.

security:
     encoders:

     ...
     YourAppBundle\Security\User\LdapUser:
            algorithm: bcrypt
            cost: 12
     providers:

     ...
        ldap_users:
            id: app.ext_ldap_user_provider
...
     firewalls:
         frontend:
            anonymous: ~
            provider: ldap_users
            form_login_ldap:
                service: app.ldap
                dn_string: '%ldap_dn_string%'
                login_path: front-login
                check_path: front-login
                default_target_path: /ui
            logout:
                path: front-logout
                target: front-login
     access_control:

        ...
        - { path: ^/ui/logout, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ui/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ui, roles: IS_AUTHENTICATED_FULLY }

本回答被题主选为最佳回答 , 对您是否有帮助呢?

报告相同问题？

关注问题

Symfony 3.4 - 自动服务线在方法中不起作用 php symfony
2018-09-27 13:49

回答 1 已采纳 It's part of services.yaml already in Symfony 4, but introduced in version 3.3, so this might help
为什么在symfony 3.4中呈现php模板是打印http标头？ php symfony
2018-08-13 08:18

回答 1 已采纳 Well, after asking I still researching about it and I finally found out why and thanks to this art
在Symfony 3.4中对单元测试中的服务进行模拟 php symfony
2018-01-17 09:27

回答 1 已采纳 1) it's no need to write unit tests for controllers. If there is some login, then move it to Manag
FirebaseWebService:Symfony 3.4中用于Firebase的Web服务
2021-05-15 17:39

FirebaseWebService是基于Symfony 3.4框架构建的一个项目，它主要功能是为Firebase提供Web服务接口，便于在PHP环境中与Firebase进行数据交互。Firebase是一个由Google提供的实时云数据库和后端服务，它允许开发者...
Symfony 3.4使用parameters.yml中的变量覆盖env变量 php symfony
2018-12-05 16:38

回答 1 已采纳 Looks like everything works correctly - it's just the parameter debug output that confused me.
Symfony 3.4表单中的CollectionType数组 php symfony
2018-04-25 16:42

回答 1 已采纳 There is an example of how to do what you're looking to achieve in the Symfony Documentation on Ho
在symfony 3.4中的FosUser登录中添加Captcha php symfony
2018-02-16 09:29

回答 1 已采纳 Finally I solve my problem using the option 1 from my post and changing the extending to /src/User
symfony3.4-博客简单
2021-02-13 22:24

Symfony标准版警告：此发行版不支持Symfony4。请参阅“页面以找到最适合您的替代产品。欢迎使用Symfony标准版-一个功能齐全的Symfony应用程序，您可以将其用作新应用程序的框架。有关如何下载和开始使用Symfony...
表格事件中的Symfony 3.4 Ajax ajax php symfony
2018-03-21 08:48

回答 1 已采纳 with this formModifier you only change the fields that your form have. I don't know where you have
Doctrine 2.2 Symfony 3.4中的日期时间字符串转换 php symfony
2018-08-16 11:03

回答 1 已采纳 If I recall correctly, you should either use literal(), or query parameter. And since the lte argu
无法在Symfony 3.4中捕获异常 php
2018-08-16 05:15

回答 1 已采纳 Division by zero is a Fatal Error, not an exception that can be caught. You could however use the
symfony3.4离线工程包
2018-12-02 16:22

简单的模板功能symfony是一个开源的PHP Web框架。...但是它的使用需要安装composer等工具，并且需要互联网连接，对于没有互联网环境，但是又想学习symfony框架的同学，可以下载这个离线工程包，里面带有依赖的php库
symfony3.4-auth-mange-artical
2021-02-13 22:05

基于Symfony 3.4的演示项目安装1.克隆或下载存储库https://github.com/edlef/symfony-demo.git2.运行作曲家composer install3.运行安装脚本以创建数据库并加载固定装置sh bin/install.sh4.运行服务器并转到或设置VH ...
地址簿：基于Symfony 3.4和PHP 7.2构建
2021-02-22 07:25

从（手动下载，composer.phar）下载composer，然后运行php composer.phar install 设置DB php bin/console doctrine:schema:update --force 将Http服务器DocumentRoot设置为“ / address-book / web” 运行测试cd ...
afterWork2:symfony 3.4下的开源事件管理工具
2021-05-01 08:48

afterWork2 Afterwork是一个允许您管理事件的项目，作为一个学生，我想围绕这个项目创建一个社区。我邀请您来参与并帮助我实现此Web应用程序。产品服务器链接先决条件Docker安装docker-compose builddocker-compose ...
symfony3-messenger-demo：与Symfony 3.4一起使用Symfony Messenger组件的演示项目
2021-02-06 03:00

这个"symfony3-messenger-demo"项目是专门为展示如何在Symfony 3.4版本中集成和使用Messenger组件而创建的。首先，我们来看第一部分：配置组件的同步模式。在同步模式下，发送的消息会被立即处理，而不是被存储...
Symfony2实现在doctrine中内置数据的方法
2020-10-22 20:37

首先，要实现Symfony2在Doctrine中内置数据，我们需要引入DoctrineFixturesBundle。这个Bundle是Symfony的一个社区驱动的扩展，它提供了一套标准的接口和工具，用于在数据库中加载初始数据。具体来说，我们通过修改...
学习PHP框架Symfony3.4 安装
2021-02-24 10:35

柚子cc的博客本人采用的是composer方式下载...composer create-project symfony/framework-standard-edition my_project_name（项目名称） Composer创建Symfony指定版本命令： composer create-project symfony/framework...
Symfony 高性能php框架 v4.0 RC1
2020-11-27 06:45

4. **模板引擎**：虽然“简单的模板功能”在描述中被提及，但Symfony 的Twig模板引擎提供了丰富的功能，包括变量、控制结构、过滤器、函数，以及对HTML、CSS和JavaScript的嵌入支持，让开发者能够创建清晰、可读性强...
没有解决我的问题, 去提问

悬赏问题

¥15 做个有关计算的小程序
¥15 MPI读取tif文件无法正常给各进程分配路径
¥15 如何用MATLAB实现以下三个公式（有相互嵌套）
¥30 关于#算法#的问题：运用EViews第九版本进行一系列计量经济学的时间数列数据回归分析预测问题求各位帮我解答一下
¥15 setInterval 页面闪烁，怎么解决
¥15 如何让企业微信机器人实现消息汇总整合
¥50 关于#ui#的问题：做yolov8的ui界面出现的问题
¥15 如何用Python爬取各高校教师公开的教育和工作经历
¥15 TLE9879QXA40 电机驱动
¥20 对于工程问题的非线性数学模型进行线性化

码龄粉丝数原力等级 --

Symfony 3.4覆盖内置LdapUserProvider中的单个方法

1条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

Symfony 3.4覆盖内置LdapUserProvider中的单个方法

1条回答 默认 最新

悬赏问题

1条回答默认最新