stmswitcher/yii2-ldap-auth

Yii Framework Extensions

Popular Tags

stmswitcher/yii2-ldap-auth Simple library to handle auth over LDAP in Yii 2 applications.

Yii2 LDAP Auth ¶

Simple extension to handle auth over LDAP in Yii 2 applications.

This extension intended for applications that rely only on LDAP authentication and does not support access tokens.

Installation ¶

composer require "stmswitcher/yii2-ldap-auth"

Example of configuration and a use case ¶

Considering yii2-app-basic:

Configure the component in your configuration file and change user identity class ¶

'components' => [
    ...
    'ldapAuth' => [
        'class' => '\stmswitcher\Yii2LdapAuth\LdapAuth',
        'host' => 'your-ldap-hostname',
        'baseDn' => 'dc=work,dc=group',
        'searchUserName' => '<username for a search user>',
        'searchUserPassword' => '<password for a search user>',

        // optional parameters and their default values
        'ldapVersion' => 3,             // LDAP version
        'protocol' => 'ldaps://',       // Protocol to use           
        'followReferrals' => false,     // If connector should follow referrals
        'port' => 636,                  // Port to connect to
        'loginAttribute' => 'uid',      // Identifying user attribute to look up for
        'ldapObjectClass' => 'person',  // Class of user objects to look up for
        'timeout' => 10,                // Operation timeout, seconds
        'connectTimeout' => 5,          // Connect timeout, seconds
    ],
    ...
    
    'user' => [
        'identityClass' => '\stmswitcher\Yii2LdapAuth\Model\LdapUser',
    ],
    ...
]

Update methods in LoginForm class ¶

use stmswitcher\Yii2LdapAuth\Model\LdapUser;

...

public function validatePassword($attribute, $params)
{
    if (!$this->hasErrors()) {
        $user = LdapUser::findIdentity($this->username);

        if (!$user || !Yii::$app->ldapAuth->authenticate($user->getDn(), $this->password)) {
            $this->addError($attribute, 'Incorrect username or password.');
        }
    }
}

...

public function login()
{
    if ($this->validate()) {
        return Yii::$app->user->login(
            LdapUser::findIdentity($this->username),
            $this->rememberMe
                ? 3600*24*30 : 0
        );
    }
    return false;
}

Verify that user belongs to LDAP group ¶

If you need also need to check if user is a member of certain LDAP group, use one more parameter for the authenticate function: `php Yii::$app->ldapAuth->authenticate($user->getDn(), $this->password, 'cn=auth-user-group') `

Now you can login with LDAP credentials to your application.

0 0

1 follower

3 234 downloads

Yii Version: 2.0

License: MIT

Category: Auth

Tags: ldap

Developed by: Denis Alexandrov

Created on: Jul 2, 2020

Last updated: (not set)

Packagist Profile
Github Repository

Related Extensions

User Contributed Notes 3

#21130

0 0

it's not working from my side , giving error

Unknown Property – yii\base\UnknownPropertyException
Getting unknown property: yii\web\Application::ldapAuth

please share solution regarding that.

Saurabh Arora at Feb 12, 2023, 4:08:54 PM

#21196

0 0

aurabh Arora at Feb 12, 2023, 4:08:54 PM
Getting unknown property: yii\web\Application::ldapAuth

Check if you have the php extension enabled - ldap (php.ini)

Solv at Feb 22, 2024, 7:34:14 AM

#21229

0 0

I use the Extension with php 8.3. Here i get an Deprecated Warning, when the Port is seperated from the connection string. My Solution fot that is:
`
protected function connect(): void

{
    if (is_resource($this->connection)) {
        return;
    }

    $this->connection = ldap_connect($this->protocol . $this->host.":". $this->port);

.....

Kurt Hohenauer at Aug 10, 2024, 11:47:30 AM

Categories

Popular Tags