Adldap2 / Adldap2-Laravel

LDAP Authentication & Management for Laravel
MIT License

OpenLDAP + NoDatabaseUserProvider is not working #755

Open rafaelcavalcanti opened 5 years ago

rafaelcavalcanti commented 5 years ago

Description:

I'm trying to connect to OpenLDAP + NoDatabaseUserProvider, but it always returns false. So, looking into the code, I could see this:

https://github.com/Adldap2/Adldap2-Laravel/blob/e7a88e019b13b3a370b31c1e7f5784c5dec1804a/src/AdldapServiceProvider.php#L111

and this:

https://github.com/Adldap2/Adldap2/blob/c406c02b095022555dbad19b4b382ce4b31420af/src/Connections/Provider.php#L253-L268

So the script will always go through the bindAsAdministrator method. If there is no issue with that, what am I doing wrong?

But when I try with the ldap functions directly, it works:

```php
$username = 'username1234';
$password = 'password1234';
$ldap_usr_dom = '@hostname.com';
$ldap_dn = "DC=echo,DC=quinstreet,DC=net";
$ldap_host = 'my.hostname.com';

$ldap = ldap_connect($ldap_host);

ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

// verify user and password
if ($bind = @ldap_bind($ldap, $username . $ldap_usr_dom, $password)) {
  echo "binded";
  // escape the username so it cannot alter the search filter
  $filter = "(sAMAccountName=" . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ")";
  $attr = array("memberof");
  $result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
  $entries = ldap_get_entries($ldap, $result);
  // ...
} else {
  echo "Not-binded";
}
```

I can't upgrade the PHP version and Laravel version yet.

Steps To Reproduce:

route/web.php:

```php
Auth::routes(['reset' => false, 'verify' => false, 'register' => false]);
```

config/auth.php:

```php
return [
    'defaults' => [
        'guard' => 'ldap',
        // ...
    ],
    'guards' => [
        'ldap' => [
            'driver' => 'session',
            'provider' => 'ldap',
        ],
        // ...
    ],
    'providers' => [
        'ldap' => [
            'driver' => 'adldap',
        ],
        // ...
    ],
];
```

config/adldap.php:

```php
return [
    // ...
    'connections' => [
        'default' => [
            // ...
            'schema' => Adldap\Schemas\OpenLDAP::class,
        ],
    ],
];
```

config/adldap_auth.php:

```php
return [
    'provider' => Adldap\Laravel\Auth\NoDatabaseUserProvider::class,
    'usernames' => [
        'ldap' => [
            'discover' => 'username',
            'authenticate' => 'distinguishedname',
        ],
    ],
    'rules' => [
        Adldap\Laravel\Validation\Rules\DenyTrashed::class,
    ],
    'scopes' => [],
];
```

app\http\controllers\logincontroller.php@showLoginForm:

```php
public function showLoginForm() {
    $credentials = [
        'username' => 'username1234',
        'password' => 'password1234',
    ];
    var_dump(Auth::guard()->attempt($credentials));
    exit;
}
```

Thank You

stevebauman commented 5 years ago

Hi @rafaelcavalcanti,

First thing - are you sure you're using OpenLDAP? In your posted code you have a filter requesting the sAMAccountName attribute - which does not exist in OpenLDAP.

rafaelcavalcanti commented 5 years ago

Hello @stevebauman, that code was just an example; the bind function line is working. But when using it with this project I can't auth correctly. Maybe there is something wrong with my configuration. Could you please help me?
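
The direct test in the question binds as `username@domain` and filters on `sAMAccountName`, which are Active Directory conventions, whereas a simple bind against OpenLDAP takes a full DN. As an added example (not part of the thread and not Adldap2's code), this is the generic search-then-bind flow for OpenLDAP, assuming users log in with `uid`; the function name and all of its parameters are hypothetical.

```php
<?php
// Added example, not Adldap2 code. Assumes PHP 7+ with ext-ldap; the `uid`
// login attribute and every argument value are assumptions, not from the thread.
function ldapAuthenticate(
    string $host, string $baseDn, string $svcDn, string $svcPassword,
    string $username, string $password
): bool {
    // ldap_bind() with an empty password is an unauthenticated bind that many
    // servers accept, so reject it before contacting the directory.
    if ($username === '' || $password === '') {
        return false;
    }

    $ldap = ldap_connect("ldap://{$host}");
    if ($ldap === false) {
        return false;
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

    try {
        // Upgrade to TLS before any credentials cross the wire, then bind as
        // the service account that is allowed to search for users.
        if (!@ldap_start_tls($ldap) || !@ldap_bind($ldap, $svcDn, $svcPassword)) {
            return false;
        }

        // Escape the user-supplied value so it cannot change the filter.
        $filter = '(uid=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ')';
        $result = @ldap_search($ldap, $baseDn, $filter, ['uid']);
        if ($result === false) {
            return false;
        }

        // Require exactly one match; zero or several is a failed login.
        $entries = ldap_get_entries($ldap, $result);
        if ($entries === false || $entries['count'] !== 1) {
            return false;
        }

        // Rebind as the entry's DN with the supplied password: the real check.
        return @ldap_bind($ldap, $entries[0]['dn'], $password);
    } finally {
        ldap_unbind($ldap);
    }
}
```

The service-account bind in the first step is why a search-based login touches an administrator-style bind even when the end user's password is what is being verified.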