问题
I'm struggeling to replace the LdapUserProvider.
I created my own provider (App\Security\MyLdapUserProvider based on LdapUserProvider but retrieves more information) and my own UserInterface (App\Security\MyUser) with more attributes to store the data.
In the end I want to retrieve the groups and the displayName of the user.
Here is my config:
services.yaml:
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
Symfony\Component\Ldap\Ldap:
arguments: ['@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter']
Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
arguments:
- host: 10.106.1.1
port: 389
#encryption: tls
options:
protocol_version: 3
referrals: false
security.yaml:
providers:
#in_memory: { memory: ~ }
my_ldap:
ldap:
service: Symfony\Component\Ldap\Ldap
base_dn: "dc=XXXXXX,dc=com"
search_dn: "CN=XXXXXXXXXX,OU=LDAP,OU=Services Accounts,OU=Administration,DC=XXXXXXXXX,DC=com"
search_password: "ergergergergerg"
default_roles: ROLE_USER
filter: "({uid_key}={username})"
uid_key: samAccountName
#password_attribute: displayName
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
security: true
anonymous: true
provider: my_ldap
form_login_ldap:
login_path: /login
check_path: /login
service: Symfony\Component\Ldap\Ldap
dn_string: 'dc=XXXXXX,dc=com'
query_string: '(samAccountName={username})'
logout:
path: /logout
target: /
Where can I tell the security provider to use my own ldap provider instead of the default one ?
Symfony processes are still a bit complicated to me so if someone can take time to explain..
Symfony docs is an endless loop of redirecting between CustomUserProvider > Ldap config > CustomeUSerProvider...
回答1:
As described in the documentation chapter Creating A Custom User Provider you need to add your User Provider as a new key under security.providers and configure it's id.
This id is the name of of your custom User Provider service which - in recent versions of symfony - equals the FQCN .
# security.yaml
security:
providers:
# the name of your user provider can be anything
my_ldap_provider:
id: 'App\Security\MyLdapUserProvider'
Then you can use this provider for one of the firewalls like this:
security:
# [..]
firewalls:
main:
pattern: '^/'
provider: 'my_ldap_provider'
Symfony's LdapUserProvider looks like this:
class LdapUserProvider implements UserProviderInterface
{
private $ldap;
private $baseDn;
private $searchDn;
private $searchPassword;
private $defaultRoles;
private $uidKey;
private $defaultSearch;
private $passwordAttribute;
private $extraFields;
public function __construct(
LdapInterface $ldap,
string $baseDn,
string $searchDn = null,
string $searchPassword = null,
array $defaultRoles = [],
string $uidKey = null,
string $filter = null,
string $passwordAttribute = null,
array $extraFields = []
)
{
In order to create your MyLdapUserProvider service that extends LdapUserProvider correctly you need a service-definition like this:
# services.yaml
services:
App\Security\MyLdapUserProvider:
arguments:
$adminEmail: '%admin_email%'
$ldap: '@Symfony\Component\Ldap\Ldap'
$baseDn: 'dc=XXXXXX,dc=com'
$searchDn: 'CN=XXXXXXXXXX,OU=LDAP,OU=Services Accounts,OU=Administration,DC=XXXXXXXXX,DC=com'
$searchPassword: 'ergergergergerg'
$defaultRoles: ['ROLE_USER']
$filter: '({uid_key}={username})'
$uidKey: 'samAccountName'
来源:https://stackoverflow.com/questions/57092961/how-to-extend-ldapuserprovider-and-use-a-custom-ldap-user-provider-in-symfony