
LDAP Authentication with Laravel4

Please help me with LDAP Authentication with Laravel4.

My configuration below always returns false.

I have my auth.php like this:

<?php

return array(

/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This driver manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/

//'driver' => 'eloquent',
'driver' => 'ldap',

/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
'username_field' => 'username',

'model' => 'User',

/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/

'table' => 'users',

/*
|--------------------------------------------------------------------------
| Password Reminder Settings
|--------------------------------------------------------------------------
|
| Here you may set the settings for password reminders, including a view
| that should be used as your password reminder e-mail. You will also
| be able to set the name of the table that holds the reset tokens.
|
| The "expire" time is the number of minutes that the reminder should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/

'reminder' => array(

    'email' => 'emails.auth.reminder',

    'table' => 'password_reminders',

    'expire' => 60,

),

);

And my app/config/adldap.php like this:

<?php

return array(
    'account_suffix' => "@pusat.corp.pln.co.id",

    'domain_controllers' => array("dc01.pusat.corp.pln.co.id","pusat.corp.pln.co.id"), // An array of domains may be provided for load balancing.

    'base_dn' => 'DC=pusat','DC=corp','DC=pln','DC=co','DC=id',

    'real_primary_group' => true, // Returns the primary group (an educated guess).

    'use_ssl' => false, // If TLS is true this MUST be false.

    'use_tls' => false, // If SSL is true this MUST be false.

    'recursive_groups' => true,

);

In routes.php:

Route::post('login', function () {
    $passhash = Input::get('password');
    $credentials  = array(
        'username' => Input::get('username'),
        'password' => Input::get('password')
    );


    if ($a = Auth::attempt($credentials))
        return '<pre>' . print_r(Auth::user(), true);
    else
        dd($a);
});
Arief Grando asked Dec 26 '22 17:12


1 Answer

Laravel 4 doesn't have LDAP authentication built into its core. So this is a quick and dirty way to add it to your app. It uses PHP's internal LDAP functions, so you'll need to install the php5-ldap package:

Configuration for your app/conf/auth.php:

'ldap_tree'   => 'OU=anything,DC=domain,DC=com',
'ldap_server' => 'your.ldap.server.com',

This is an LDAP class to be used by your controllers:

class LDAP {

    public static function authenticate($username, $password)
    {
        if(empty($username) or empty($password))
        {
            Log::error('Error binding to LDAP: username or password empty');
            return false;
        }

        $ldapRdn = static::getLdapRdn($username);

        $ldapconn = ldap_connect( Config::get('auth.ldap_server') ) or die("Could not connect to LDAP server.");

        $result = false;

        if ($ldapconn) 
        {
            $ldapbind = @ldap_bind($ldapconn, $ldapRdn, $password);

            if ($ldapbind) 
            {
                $result = true;
            } else {
                Log::error('Error binding to LDAP server.');
            }

            ldap_unbind($ldapconn);

        } else {
            Log::error('Error connecting to LDAP.');
        }

        return $result;

    }

    public static function getLdapRdn($username)
    {
        return str_replace('[username]', $username, 'CN=[username],' . Config::get('auth.ldap_tree'));
    }

}

And an AuthController to process the login on your app:

class AuthController extends Controller {

    // The LDAP helper injected by Laravel's container.
    protected $ldap;

    public function __construct(LDAP $ldap)
    {
        $this->ldap = $ldap;
    }

    public function login()
    {
        if ( $this->ldap->authenticate( Input::get('email'), Input::get('password') ) )
        {
            $user = User::where('email', Input::get('email'))->first();

            // A successful LDAP bind does not guarantee a local User row exists;
            // Auth::login() must not be called with null.
            if ($user)
            {
                Auth::login( $user );

                return Redirect::to('home');
            }
        }

        return Redirect::refresh()->with('error', 'User and/or password are incorrect.');
    }

    public function logout()
    {

        if ( ! Auth::guest())
        {
            Auth::logout();

            return Redirect::to('message')
                    ->with('message', 'You just logged out.');                  
        }

        return Redirect::to('login');   

    }

}

Note that this controller is using Dependency Injection for the LDAP class; it will be injected automatically by Laravel.

Antonio Carlos Ribeiro answered Jan 28 '23 21:01
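
A hardened variant of the bind shown in the answer, as an added example that is not part of the original post: it escapes the username before placing it in the bind DN and upgrades the connection with StartTLS before the password is sent (the question's config has both use_ssl and use_tls set to false). The function names buildBindDn and ldapAuthenticate are hypothetical, and ldap_escape assumes PHP 5.6 or later with the LDAP extension.

```php
<?php
// Added example, not the answer's code. Requires ext-ldap and PHP >= 5.6 (ldap_escape).

/** Build the bind DN with the user-supplied CN escaped per RFC 4514. */
function buildBindDn($username, $ldapTree)
{
    // Without LDAP_ESCAPE_DN, input such as "x,OU=Other" would change which entry is bound.
    return 'CN=' . ldap_escape($username, '', LDAP_ESCAPE_DN) . ',' . $ldapTree;
}

/** Returns true only when the server accepts a simple bind over StartTLS. */
function ldapAuthenticate($server, $ldapTree, $username, $password)
{
    // A simple bind with an empty password is an "unauthenticated bind", which
    // some directory servers accept, so reject it before touching the network.
    if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
        return false;
    }

    $conn = ldap_connect('ldap://' . $server);
    if ($conn === false) {
        return false;
    }

    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS needs LDAPv3
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);        // do not follow referrals automatically

    // Upgrade to TLS before the password is sent; fail closed if it is refused.
    if (!@ldap_start_tls($conn)) {
        error_log('LDAP StartTLS failed: ' . ldap_error($conn));
        ldap_unbind($conn);
        return false;
    }

    $ok = @ldap_bind($conn, buildBindDn($username, $ldapTree), $password);
    if (!$ok) {
        error_log('LDAP bind failed: ' . ldap_error($conn)); // never log the password
    }
    ldap_unbind($conn);

    return $ok;
}

// Constructed inputs: the escaping runs offline, no directory server needed.
foreach (array('jdoe', 'jdoe,OU=Admins', ' jdoe+x=y') as $name) {
    echo buildBindDn($name, 'OU=anything,DC=domain,DC=com'), PHP_EOL;
}
```

Certificate verification for StartTLS is governed by the OpenLDAP client settings on the host (TLS_REQCERT, TLS_CACERT), not by this code.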