覆盖 FR3DLdapBundle 功能和控制器
Override FR3DLdapBundle functionality and controllers
我已经使用 FOSUserBundle 安装并配置了 FR3DBundle,一切正常,但有一点我不明白,为什么 FR3DLdpaBundle 在数据库中保存用户时没有密码?当我第二次尝试登录时,我遇到了两种情况:如果连锁供应商的订单是:
providers: [fr3d_ldapbundle,fos_userbundle ]
:
FR3DLdapBundle 试图在数据库中再次插入同一用户(重复条目)!
当链商的订单为:
providers: [fos_userbundle,fr3d_ldapbundle ] :
错误无效凭证在我看来是因为在第一次登录时用户在数据库中保存了没有密码的信息。
所以我问有没有什么方法可以破解 Bundle 并覆盖一些控制器和功能以使登录功能成功运行?
这是我的 Config.yml 文件:
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: services.yml }
- { resource: "@EvalBundle/Resources/config/services.yml" }
# Put parameters here that don't need to change on each machine where the app is deployed
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: en
assetic:
debug: '%kernel.debug%'
use_controller: '%kernel.debug%'
filters:
cssrewrite: ~
framework:
#esi: ~
#translator: { fallbacks: ['%locale%'] }
secret: '%secret%'
router:
resource: '%kernel.root_dir%/config/routing.yml'
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: '%locale%'
trusted_hosts: ~
trusted_proxies: ~
session:
# http://symfony.com/doc/current/reference/configuration/framework.html#handler-id
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
assets: ~
php_errors:
log: true
translator: ~
# Twig Configuration
twig:
debug: '%kernel.debug%'
strict_variables: '%kernel.debug%'
cache: false
form_themes :
- bootstrap_3_layout.html.twig
- bootstrap_3_horizontal_layout.html.twig
# Doctrine Configuration
doctrine:
dbal:
driver: pdo_mysql
host: '%database_host%'
port: '%database_port%'
dbname: '%database_name%'
user: '%database_user%'
password: '%database_password%'
charset: UTF8
mapping_types:
enum: string
# if using pdo_sqlite as your database driver:
# 1. add the path in parameters.yml
# e.g. database_path: "%kernel.root_dir%/../var/data/data.sqlite"
# 2. Uncomment database_path in parameters.yml.dist
# 3. Uncomment next line:
#path: '%database_path%'
orm:
auto_generate_proxy_classes: '%kernel.debug%'
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: '%mailer_transport%'
host: '%mailer_host%'
username: '%mailer_user%'
password: '%mailer_password%'
spool: { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: EvalBundle\Entity\Collaborator
from_email:
address: sahnoun.mabrouk@gmail.com
sender_name: sahnoun MABROUK
fr3d_ldap:
driver:
host: 172.16.20.21
port: 389 # Optional
username: cn=Administrator, cn=Users, dc=uib, dc=dev # Optional
password: Pr0xym-1T # Optional
# allowEmptyPassword: true # Optional
# bindRequiresDn: true # Optional
# baseDn: dc=uib, dc=dev # Optional
# accountFilterFormat: (&(uid=%s)) # Optional. sprintf format %s will be the username
# optReferrals: false # Optional
# useSsl: true # Enable SSL negotiation. Optional
# useStartTls: true # Enable TLS negotiation. Optional
# accountCanonicalForm: 3 # ACCTNAME_FORM_BACKSLASH this is only needed if your users have to login with something like HOST\User
# accountDomainName: HOST
# accountDomainNameShort: HOST # if you use the Backslash form set both to Hostname than the Username will be converted to HOST\User
user:
baseDn: cn=Users, dc=uib, dc=dev
usernameAttribute: sAMAccountName # Optional
filter: (&(ObjectClass=Person))
attributes: # Specify ldap attributes mapping [ldap attribute, user object method]
- { ldap_attr: samaccountname, user_method: setUsername }
- { ldap_attr: samaccountname, user_method: setUsernameCanonical }
- { ldap_attr: userprincipalname, user_method: setEmail }
- { ldap_attr: userprincipalname, user_method: setEmailCanonical }
#- { ldap_attr: mail, user_method: setmail }
#- { ldap_attr: cn, user_method: setgivenName } # Default
#- { ldap_attr: cn, user_method: setName } # Optional
# - { ldap_attr: ..., user_method: ... } # Optional
service:
user_hydrator: fr3d_ldap.user_hydrator.default # Overrides default user hydrator
ldap_manager: fr3d_ldap.ldap_manager.default # Overrides default ldap manager
ldap_driver: fr3d_ldap.ldap_driver.zend # Overrides default ldap driver
easy_admin:
entities:
- EvalBundle\Entity\Family
- EvalBundle\Entity\Profession
knp_paginator:
page_range: 1 # default page range used in pagination control
default_options:
page_name: page # page query parameter name
sort_field_name: sort # sort field query parameter name
sort_direction_name: direction # sort direction query parameter name
distinct: true # ensure distinct results, useful when ORM queries are using GROUP BY statements
template:
pagination: 'KnpPaginatorBundle:Pagination:twitter_bootstrap_v3_pagination.html.twig' # sliding pagination controls template
sortable: 'KnpPaginatorBundle:Pagination:sortable_link.html.twig' # sort link template
我的security.yml:
# To get started with security, check out the documentation:
# http://symfony.com/doc/current/security.html
security:
erase_credentials: false
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_ADMIN
ROLE_SUPER_ADMIN: ROLE_SUPER_ADMIN
providers:
chain_provider:
chain:
providers: [fos_userbundle,fr3d_ldapbundle]
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
api:
pattern: ^/api
fr3d_ldap_httpbasic: ~
main:
pattern: ^/
fr3d_ldap: ~
form_login:
always_use_default_target_path: true
default_target_path: /
logout:
path: /logout
target: /login
anonymous: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
providers:
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
encoders:
AcmeBundle\Acme\User\LdapUser: plaintext
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin*, role: ROLE_SUPER_ADMIN}
它会自动检查 LDAP 目录:-)
表单文档:
FR3DLdapBundle 添加了对提供 and/or 在 Symfony2 中使用 LDAP 目录对用户进行身份验证的支持。
在此处查看我关于使用 Symfony 和 FR3DLdapBundle 以及与 AD 的文章:
https://alvinbunk.wordpress.com/2016/03/25/symfony-ad-integration/
它可能对你有帮助。
像这样使用提供程序:
providers: [fos_userbundle,fr3d_ldapbundle]
是正确的配置方式;如果该用户已存在于 fos_user table 中,并且您收到有关重复条目的错误,您可能必须删除现有条目。可能你一开始配置不对
此外,密码不会存储在 fos_user table 或其他任何地方,LDAP 服务器除外。您只是 "authenticate" 反对 LDAP 的用户。
我已经使用 FOSUserBundle 安装并配置了 FR3DBundle,一切正常,但有一点我不明白,为什么 FR3DLdpaBundle 在数据库中保存用户时没有密码?当我第二次尝试登录时,我遇到了两种情况:如果连锁供应商的订单是:
providers: [fr3d_ldapbundle,fos_userbundle ]
:
FR3DLdapBundle 试图在数据库中再次插入同一用户(重复条目)!
当链商的订单为:
providers: [fos_userbundle,fr3d_ldapbundle ] :
错误无效凭证在我看来是因为在第一次登录时用户在数据库中保存了没有密码的信息。 所以我问有没有什么方法可以破解 Bundle 并覆盖一些控制器和功能以使登录功能成功运行?
这是我的 Config.yml 文件:
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: services.yml }
- { resource: "@EvalBundle/Resources/config/services.yml" }
# Put parameters here that don't need to change on each machine where the app is deployed
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: en
assetic:
debug: '%kernel.debug%'
use_controller: '%kernel.debug%'
filters:
cssrewrite: ~
framework:
#esi: ~
#translator: { fallbacks: ['%locale%'] }
secret: '%secret%'
router:
resource: '%kernel.root_dir%/config/routing.yml'
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: '%locale%'
trusted_hosts: ~
trusted_proxies: ~
session:
# http://symfony.com/doc/current/reference/configuration/framework.html#handler-id
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
assets: ~
php_errors:
log: true
translator: ~
# Twig Configuration
twig:
debug: '%kernel.debug%'
strict_variables: '%kernel.debug%'
cache: false
form_themes :
- bootstrap_3_layout.html.twig
- bootstrap_3_horizontal_layout.html.twig
# Doctrine Configuration
doctrine:
dbal:
driver: pdo_mysql
host: '%database_host%'
port: '%database_port%'
dbname: '%database_name%'
user: '%database_user%'
password: '%database_password%'
charset: UTF8
mapping_types:
enum: string
# if using pdo_sqlite as your database driver:
# 1. add the path in parameters.yml
# e.g. database_path: "%kernel.root_dir%/../var/data/data.sqlite"
# 2. Uncomment database_path in parameters.yml.dist
# 3. Uncomment next line:
#path: '%database_path%'
orm:
auto_generate_proxy_classes: '%kernel.debug%'
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: '%mailer_transport%'
host: '%mailer_host%'
username: '%mailer_user%'
password: '%mailer_password%'
spool: { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: EvalBundle\Entity\Collaborator
from_email:
address: sahnoun.mabrouk@gmail.com
sender_name: sahnoun MABROUK
fr3d_ldap:
driver:
host: 172.16.20.21
port: 389 # Optional
username: cn=Administrator, cn=Users, dc=uib, dc=dev # Optional
password: Pr0xym-1T # Optional
# allowEmptyPassword: true # Optional
# bindRequiresDn: true # Optional
# baseDn: dc=uib, dc=dev # Optional
# accountFilterFormat: (&(uid=%s)) # Optional. sprintf format %s will be the username
# optReferrals: false # Optional
# useSsl: true # Enable SSL negotiation. Optional
# useStartTls: true # Enable TLS negotiation. Optional
# accountCanonicalForm: 3 # ACCTNAME_FORM_BACKSLASH this is only needed if your users have to login with something like HOST\User
# accountDomainName: HOST
# accountDomainNameShort: HOST # if you use the Backslash form set both to Hostname than the Username will be converted to HOST\User
user:
baseDn: cn=Users, dc=uib, dc=dev
usernameAttribute: sAMAccountName # Optional
filter: (&(ObjectClass=Person))
attributes: # Specify ldap attributes mapping [ldap attribute, user object method]
- { ldap_attr: samaccountname, user_method: setUsername }
- { ldap_attr: samaccountname, user_method: setUsernameCanonical }
- { ldap_attr: userprincipalname, user_method: setEmail }
- { ldap_attr: userprincipalname, user_method: setEmailCanonical }
#- { ldap_attr: mail, user_method: setmail }
#- { ldap_attr: cn, user_method: setgivenName } # Default
#- { ldap_attr: cn, user_method: setName } # Optional
# - { ldap_attr: ..., user_method: ... } # Optional
service:
user_hydrator: fr3d_ldap.user_hydrator.default # Overrides default user hydrator
ldap_manager: fr3d_ldap.ldap_manager.default # Overrides default ldap manager
ldap_driver: fr3d_ldap.ldap_driver.zend # Overrides default ldap driver
easy_admin:
entities:
- EvalBundle\Entity\Family
- EvalBundle\Entity\Profession
knp_paginator:
page_range: 1 # default page range used in pagination control
default_options:
page_name: page # page query parameter name
sort_field_name: sort # sort field query parameter name
sort_direction_name: direction # sort direction query parameter name
distinct: true # ensure distinct results, useful when ORM queries are using GROUP BY statements
template:
pagination: 'KnpPaginatorBundle:Pagination:twitter_bootstrap_v3_pagination.html.twig' # sliding pagination controls template
sortable: 'KnpPaginatorBundle:Pagination:sortable_link.html.twig' # sort link template
我的security.yml:
# To get started with security, check out the documentation:
# http://symfony.com/doc/current/security.html
security:
erase_credentials: false
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_ADMIN
ROLE_SUPER_ADMIN: ROLE_SUPER_ADMIN
providers:
chain_provider:
chain:
providers: [fos_userbundle,fr3d_ldapbundle]
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
api:
pattern: ^/api
fr3d_ldap_httpbasic: ~
main:
pattern: ^/
fr3d_ldap: ~
form_login:
always_use_default_target_path: true
default_target_path: /
logout:
path: /logout
target: /login
anonymous: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
providers:
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
encoders:
AcmeBundle\Acme\User\LdapUser: plaintext
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin*, role: ROLE_SUPER_ADMIN}
它会自动检查 LDAP 目录:-)
表单文档: FR3DLdapBundle 添加了对提供 and/or 在 Symfony2 中使用 LDAP 目录对用户进行身份验证的支持。
在此处查看我关于使用 Symfony 和 FR3DLdapBundle 以及与 AD 的文章:
https://alvinbunk.wordpress.com/2016/03/25/symfony-ad-integration/
它可能对你有帮助。 像这样使用提供程序:
providers: [fos_userbundle,fr3d_ldapbundle]
是正确的配置方式;如果该用户已存在于 fos_user table 中,并且您收到有关重复条目的错误,您可能必须删除现有条目。可能你一开始配置不对
此外,密码不会存储在 fos_user table 或其他任何地方,LDAP 服务器除外。您只是 "authenticate" 反对 LDAP 的用户。