Adldap2 / Adldap2-Laravel

LDAP Authentication & Management for Laravel
MIT License
911 stars 185 forks source link

Can not authenticate adldap2-laravel. 'userprincipalname' key is missing #714

Open Martin7532 opened 5 years ago

Martin7532 commented 5 years ago

Description:

Hello,

I try to Authenticating to my Active Directory with this package in my Laravel project. I folow all the steps in the documentation. But i faced to this error message : "The 'userprincipalname' key is missing from the given credentials array." when i try to log me.

Can someone help me ?

Thanks

stevebauman commented 5 years ago

Hi @Martin7532, I'd be glad to help.

Can you post your ldap_auth.php file with any sensitive details omitted?

Also, did you set this line to userprincipalname?:

https://github.com/Adldap2/Adldap2-Laravel/blob/d04f270e8bd591eb1e7c93a6804db40e39bdc323/src/Config/auth.php#L174

If you change this field (which should be equal to your users database table username column, then you need to change the default LoginController and add a username function:

public function username()
{
    return 'userprincipalname';
}

You would also need to modify your login.blade.php file as well, but let me know your config and I can help you get up and running.

Martin7532 commented 5 years ago

Hi Steve,

Thank you for your help

Here is my ldap_auth.php

`<?php

return [

'connection' => env('LDAP_CONNECTION', 'default'),
'provider' => Adldap\Laravel\Auth\NoDatabaseUserProvider::class,
'model' => App\User::class,
'rules' => [
    // Denys deleted users from authenticating.

    Adldap\Laravel\Validation\Rules\DenyTrashed::class,

    // Allows only manually imported users to authenticate.

    // Adldap\Laravel\Validation\Rules\OnlyImported::class,
],

'scopes' => [
    // Only allows users with a user principal name to authenticate.
    // Suitable when using ActiveDirectory.
    // Adldap\Laravel\Scopes\UpnScope::class,

    // Only allows users with a uid to authenticate.
    // Suitable when using OpenLDAP.
    // Adldap\Laravel\Scopes\UidScope::class,
],

'identifiers' => [
    'ldap' => [
        'locate_users_by' => 'userprincipalname',
        'bind_users_by' => 'distinguishedname',
    ],

    'database' => [
        'guid_column' => 'objectguid',
        'username_column' => 'email',
    ],

    'windows' => [
        'locate_users_by' => 'samaccountname',
        'server_key' => 'AUTH_USER',
    ],

],

'passwords' => [
    'sync' => env('LDAP_PASSWORD_SYNC', false),
    'column' => 'password',
],

'login_fallback' => env('LDAP_LOGIN_FALLBACK', false),

'sync_attributes' => [
    'email' => 'userprincipalname',
    'name' => 'cn',
],

'logging' => [

    'enabled' => env('LDAP_LOGGING', true),

    'events' => [

        \Adldap\Laravel\Events\Importing::class => \Adldap\Laravel\Listeners\LogImport::class,
        \Adldap\Laravel\Events\Synchronized::class => \Adldap\Laravel\Listeners\LogSynchronized::class,
        \Adldap\Laravel\Events\Synchronizing::class => \Adldap\Laravel\Listeners\LogSynchronizing::class,
        \Adldap\Laravel\Events\Authenticated::class => \Adldap\Laravel\Listeners\LogAuthenticated::class,
        \Adldap\Laravel\Events\Authenticating::class => \Adldap\Laravel\Listeners\LogAuthentication::class,
        \Adldap\Laravel\Events\AuthenticationFailed::class => \Adldap\Laravel\Listeners\LogAuthenticationFailure::class,
        \Adldap\Laravel\Events\AuthenticationRejected::class => \Adldap\Laravel\Listeners\LogAuthenticationRejection::class,
        \Adldap\Laravel\Events\AuthenticationSuccessful::class => \Adldap\Laravel\Listeners\LogAuthenticationSuccess::class,
        \Adldap\Laravel\Events\DiscoveredWithCredentials::class => \Adldap\Laravel\Listeners\LogDiscovery::class,
        \Adldap\Laravel\Events\AuthenticatedWithWindows::class => \Adldap\Laravel\Listeners\LogWindowsAuth::class,
        \Adldap\Laravel\Events\AuthenticatedModelTrashed::class => \Adldap\Laravel\Listeners\LogTrashedModel::class,
    ],
],

]; `

Do you need any other informations about my project ?

stevebauman commented 5 years ago

Hi @Martin7532,

Since you're using the NoDatabaseUserProvider, you will need to add the function to your login controller shown above, and modify the <input type="text" name="email"> input element in your login.blade.php to <input type="text" name="userprincipalname">.

Give that a shot and you should be able to authenticate.

Martin7532 commented 5 years ago

Hi Steve,

I have add the function in my LoginController, change the login.blade.php and set the username_column to userprincipalname in the ldap_auth.php file. I don't have the error message anymore it's good ! But i stay on the login page after press the login button with the correct identifiant

Thanks again for your help

stevebauman commented 5 years ago

No problem @Martin7532!

Can you check your storage/logs files and see what they say after you try to login?

Martin7532 commented 5 years ago

This is my log error:

Next Adldap\Auth\BindException: Invalid credentials in C:\laragon\www\intranet\vendor\adldap2\adldap2\src\Auth\Guard.php:109
Stack trace:
#0 C:\laragon\www\intranet\vendor\adldap2\adldap2\src\Auth\Guard.php(121): Adldap\Auth\Guard->bind('####', '####')
#1 C:\laragon\www\intranet\vendor\adldap2\adldap2\src\Connections\Provider.php(234): Adldap\Auth\Guard->bindAsAdministrator()
#2 C:\laragon\www\intranet\vendor\adldap2\adldap2-laravel\src\AdldapServiceProvider.php(106): Adldap\Connections\Provider->connect()
#3 C:\laragon\www\intranet\vendor\adldap2\adldap2-laravel\src\AdldapServiceProvider.php(67): Adldap\Laravel\AdldapServiceProvider->addProviders(Object(Adldap\Adldap), Array)
#4 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(791): Adldap\Laravel\AdldapServiceProvider->Adldap\Laravel\{closure}(Object(Illuminate\Foundation\Application), Array)
#5 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(671): Illuminate\Container\Container->build(Object(Closure))
#6 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(619): Illuminate\Container\Container->resolve('Adldap\\AdldapIn...', Array)
#7 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Application.php(757): Illuminate\Container\Container->make('Adldap\\AdldapIn...', Array)
#8 C:\laragon\www\intranet\vendor\adldap2\adldap2-laravel\src\AdldapAuthServiceProvider.php(55): Illuminate\Foundation\Application->make('Adldap\\AdldapIn...')
#9 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(791): Adldap\Laravel\AdldapAuthServiceProvider->Adldap\Laravel\{closure}(Object(Illuminate\Foundation\Application), Array)
#10 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(671): Illuminate\Container\Container->build(Object(Closure))
#11 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(619): Illuminate\Container\Container->resolve('Adldap\\Laravel\\...', Array)
#12 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Application.php(757): Illuminate\Container\Container->make('Adldap\\Laravel\\...', Array)
#13 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Container\Container.php(1233): Illuminate\Foundation\Application->make('Adldap\\Laravel\\...')
#14 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Support\Facades\Facade.php(175): Illuminate\Container\Container->offsetGet('Adldap\\Laravel\\...')
#15 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Support\Facades\Facade.php(144): Illuminate\Support\Facades\Facade::resolveFacadeInstance('Adldap\\Laravel\\...')
#16 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Support\Facades\Facade.php(231): Illuminate\Support\Facades\Facade::getFacadeRoot()
#17 C:\laragon\www\intranet\vendor\adldap2\adldap2-laravel\src\Auth\NoDatabaseUserProvider.php(54): Illuminate\Support\Facades\Facade::__callStatic('byCredentials', Array)
#18 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Auth\SessionGuard.php(349): Adldap\Laravel\Auth\NoDatabaseUserProvider->retrieveByCredentials(Array)
#19 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Auth\AuthenticatesUsers.php(85): Illuminate\Auth\SessionGuard->attempt(Array, false)
#20 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Auth\AuthenticatesUsers.php(48): App\Http\Controllers\Auth\LoginController->attemptLogin(Object(Illuminate\Http\Request))
#21 [internal function]: App\Http\Controllers\Auth\LoginController->login(Object(Illuminate\Http\Request))
#22 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Controller.php(54): call_user_func_array(Array, Array)
#23 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction('login', Array)
#24 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Route.php(219): Illuminate\Routing\ControllerDispatcher->dispatch(Object(Illuminate\Routing\Route), Object(App\Http\Controllers\Auth\LoginController), 'login')
#25 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Route.php(176): Illuminate\Routing\Route->runController()
#26 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Router.php(680): Illuminate\Routing\Route->run()
#27 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(30): Illuminate\Routing\Router->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#28 C:\laragon\www\intranet\app\Http\Middleware\RedirectIfAuthenticated.php(24): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#29 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): App\Http\Middleware\RedirectIfAuthenticated->handle(Object(Illuminate\Http\Request), Object(Closure))
#30 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#31 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Middleware\SubstituteBindings.php(41): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#32 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Routing\Middleware\SubstituteBindings->handle(Object(Illuminate\Http\Request), Object(Closure))
#33 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#34 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\VerifyCsrfToken.php(75): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#35 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#36 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#37 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\View\Middleware\ShareErrorsFromSession.php(49): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#38 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#39 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#40 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Session\Middleware\StartSession.php(56): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#41 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#42 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#43 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#44 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
#45 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#46 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Cookie\Middleware\EncryptCookies.php(66): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#47 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
#48 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#49 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#50 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Router.php(682): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#51 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Router.php(657): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#52 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Router.php(623): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
#53 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Router.php(612): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#54 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#55 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
#56 C:\laragon\www\intranet\vendor\fideloper\proxy\src\TrustProxies.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#57 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Fideloper\Proxy\TrustProxies->handle(Object(Illuminate\Http\Request), Object(Closure))
#58 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#59 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\TransformsRequest.php(21): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#60 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
#61 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#62 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\TransformsRequest.php(21): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#63 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
#64 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#65 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\ValidatePostSize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#66 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle(Object(Illuminate\Http\Request), Object(Closure))
#67 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#68 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode.php(62): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#69 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(163): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#70 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#71 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#72 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#73 C:\laragon\www\intranet\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#74 C:\laragon\www\intranet\public\index.php(55): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#75 {main} 

Thanks

JavierSaavedra commented 5 years ago

Martin7532 which was your solution?, i have same problem :/

Martin7532 commented 5 years ago

Hello,

I have used the native functions of PHP, and it's works well.

If you have problems with the function ldap_bind() check if the ldap port is allowed in your firewall config.

Edit the file /etc/init.d/firewall.save and add the port 389.

stevebauman commented 5 years ago

If you receive invalid credentials it's usually what "username" you're using to bind to your server with. For ActiveDirectory, you can only use:

So your configured username should look similar to:

[
    'base_dn' => 'dc=corp,dc=local',
    'username' => 'sbauman@corp.local',
    'password' => '*********',
]

Or:

[
    'base_dn' => 'dc=corp,dc=local',
    'username' => 'cn=Steve Bauman,ou=Users,dc=corp,dc=local',
    'password' => '*********',
]

Apologies for the long response on this issue, are you still encountering this @Martin7532?

Martin7532 commented 5 years ago

Hello Steve,

I used the native functions of PHP and it's works well.

Thanks for your help