Issue
I am working on integrating LDAP authentication in my project. and I followed the tutorial from official CakePHP site that guides through how to create a custom object in application src path and using those custom objects in AuthController.
So I created a folder called Auth in src with the file name called LdapAuthorize.php. The path looks like this src/Auth/LdapAuthorize.php
Here is my LdapAuthorize.php code:
namespace App\Auth;
use Cake\Auth\BaseAuthorize;
use Cake\Network\Request;
class LdapAuthorize extends BaseAuthorize {
public function authorize($user, Request $request) {
if ($user == 'username') { // where username is logged on ldap user on a computer.
return true;
}
}
}
I also called the object in AppController.php file. Here is my code:
public function initialize()
{
parent::initialize();
$this->loadComponent('Flash');
$this->loadComponent('Auth', [
'loginRedirect' => [
'controller' => 'Customers',
'action' => 'index'
],
'logoutRedirect' => [
'controller' => 'Pages',
'action' => 'display',
'home'
]
]);
$this->Auth->config('authenticate', [
'Ldap'
]);
}
So when I access the url http://localhost/AppPath/Dashboard/index I get Authentication adapter "Ldap" was not found.
Since this is my first experience with CakePHP, I couldn't find that many solution online that help troubleshoot any issues.
Adding additional code for LdapAuthenticate.php:
namespace App\Auth;
use Cake\Auth\BaseAuthenticate;
use Cake\Network\Request;
use Cake\Network\Response;
class OpenidAuthenticate extends BaseAuthenticate
{
public function authenticate(Request $request, Response $response)
{
$users = ["john", "ray"];
return $users;
}
}
Solution
What you need is a custom authentication adapter, your LdapAuthorize is a custom authorize adapter:
// in src/Auth/LdapAuthenticate.php
namespace App\Auth;
use Cake\Auth\BaseAuthenticate;
use Cake\Network\Request;
use Cake\Network\Response;
class LdapAuthenticate extends BaseAuthenticate {
protected $_host = 'your_ldap_server' ;
public function authenticate(Request $request, Response $response) {
$username = $request->data['username'] ;
$password = $request->data['password'] ;
$ds = @ldap_connect($this->_host) ;
if (!$ds) {
throw \Cake\Error\FatalErrorException ('Unable to connect to LDAP host.') ;
}
$basedn = "your ldap query... "
$dn = "uid=$username, ".$basedn;
$ldapbind = @ldap_bind($ds, $dn, $password);
if (!$ldapbind) {
return false ;
}
// Do whatever you want with your LDAP connection...
$entry = ldap_first_entry ($ldapbind) ;
$attrs = ldap_get_attributes ($ldapbind, $entry) ;
$user = [] ;
// Loop
for ($i = 0 ; $i < $attrs["count"] ; $i++) {
$user[$attrs[$i]] = ldap_values ($ldapbind, $entry, $attrs[$i])[0] ;
}
// Then close it and return the authenticated user
ldap_unbind ($ldapbind) ;
ldap_close ($ldapbind);
return $user ;
}
}
Answered By - Holt
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.