New in Symfony 2.8: LDAP component

Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.
Contributed by
Charles Sarrazin
and
Grégoire Pineau
in #14602.
LDAP, which stands for Lightweight Directory Access Protocol, is "an open standard for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network".
LDAP is used by lots of companies as a centralized repository for user information, including their security roles, and as an authentication service. That's why Symfony 2.8 includes a new LDAP component which provides seamless integration with the Symfony Security component.
Before enabling the LDAP authentication, define a new service to configure the connection settings, such as the host, the port, the LDAP version, etc.
1 2 3 4 5
# app/config/services.yml
services:
app.ldap:
class: Symfony\Component\Security\Ldap\Ldap
arguments: [ "ldap.example.com" ]
Then, you can use the LDAP component both as a user provider and as the firewalls' authentication mechanism. These are the configurable fields for the LDAP user provider:
1 2 3 4 5 6 7 8 9 10 11 12 13
# app/config/security.yml
security:
# ...
providers:
app_users:
ldap:
service: app.ldap
base_dn: dc=example,dc=com
search_dn: CN=My User,OU=Users,DC=example,DC=com
search_password: p455w0rd
filter: (sAMAccountName={username})
default_roles: ROLE_USER
When used as an authentication mechanism, you can configure it with a login form or with the HTTP basic mechanism:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
# app/config/security.yml
security:
# ...
firewalls:
api:
provider: app_users
stateless: true
pattern: ^/api
http_basic_ldap:
service: app.ldap
dn_string: "{username}@example"
backend:
provider: app_users
pattern: ^/admin
logout:
path: logout
target: login
form_login_ldap:
service: app.ldap
dn_string: CN={username},OU=Users,DC=example,DC=com
check_path: login_check
login_path: login
This component relies on the PHP LDAP extension, so make sure to configure and enable that PHP extension before using this component.
Help the Symfony project!
As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.
Comments
Comments are closed.
To ensure that comments stay relevant, they are closed for old posts.
"symfony/ldap": "2.8"
Namespace from 'app/config/services.yml' different:
NOT
Symfony\Component\Security\Ldap\Ldap
BUT
Symfony\Component\Ldap\LdapClient
http://stackoverflow.com/questions/34365482/ldap-authentication-with-symfony-2-8