How to use ldap in UserIdentity for authentication

You are viewing revision #7 of this wiki article.
This version may not be up to date with the latest version.
You may want to view the differences to the latest version or see the changes made in this revision.

« previous (#5)next (#8) »

Yii does not have an LDAP class itself, but its very easy to implement LDAP in the stock UserIdentity class.

To do so, open your protected/components/UserIdentity.php and remove or comment out the code in the authenticate() method, before replacing it with this:

$options = Yii::app()->params['ldap'];
$dc_string = "dc=" . implode(",dc=",$options['dc']);
 
$connection = ldap_connect($options['host']);
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
 
if($connection)
{
    $bind = ldap_bind($connection, "uid={$this->username},ou={$options['ou']},{$dc_string}", $this->password);
 
    if(!$bind) $this->errorCode = self::ERROR_PASSWORD_INVALID;
    else $this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;

Once you have done this, open up your configs/main.php file, and add the following to the 'params' array at the bottom of the file:

'ldap' => array(
    'host' => 'hostname',
    'ou' => 'organisational-unit', // such as "people" or "users"
    'dc' => array('example','com'),
),

Replace the host with the hostname of the LDAP server, ou with the organisational unit you want to authenticate against (most LDAP servers use a broad terminology, such as "people"), and dc with the base DN. (For example array("ucla","edu") // ucla.edu)

11 0
18 followers
Viewed: 96 961 times
Version: Unknown (update)
Category: Tutorials
Written by: BeerSerc
Last updated by: Navarr
Created on: Jan 26, 2010
Last updated: 10 years ago
Update Article

Revisions

View all history

Related Articles