Adldap2 / Adldap2-Laravel

LDAP Authentication & Management for Laravel
MIT License

Can't authenticate username is empty into guard->attempt #875

Open Vergence007 opened 4 years ago

Vergence007 commented 4 years ago

Description:

Morning, I keep getting the message "A username must be specified." when trying to log in to my app. The connection to LDAP is OK, sync also; in my database/table users I see all usernames with passwords. But I can't log in with any username.

my .env

LDAP_HOSTS=ldap.forumsys.com
LDAP_BASE_DN=dc=example,dc=com
LDAP_USERNAME=cn=read-only-admin,dc=example,dc=com
LDAP_PASSWORD=password
LDAP_PASSWORD_SYNC=true

my ldap.php


<?php

return [

    'logging' => env('LDAP_LOGGING', false),

    'connections' => [

        'default' => [

            'auto_connect' => env('LDAP_AUTO_CONNECT', true),

            'connection' => Adldap\Connections\Ldap::class,

            'settings' => [

                'schema' => Adldap\Schemas\OpenLDAP::class,

                'account_prefix' => env('LDAP_ACCOUNT_PREFIX', ''),

                'account_suffix' => env('LDAP_ACCOUNT_SUFFIX', ''),

                'hosts' => explode(' ', env('LDAP_HOSTS', 'corp-dc1.corp.acme.org corp-dc2.corp.acme.org')),

                'port' => env('LDAP_PORT', 389),

                'timeout' => env('LDAP_TIMEOUT', 5),

                'base_dn' => env('LDAP_BASE_DN', 'dc=corp,dc=acme,dc=org'),

                'username' => env('LDAP_USERNAME', 'username'),
                'password' => env('LDAP_PASSWORD', 'secret'),

                'follow_referrals' => false,

                'use_ssl' => env('LDAP_USE_SSL', false),
                'use_tls' => env('LDAP_USE_TLS', false),

            ],

        ],

    ],

];

my ldap_auth

<?php

return [

    'connection' => env('LDAP_CONNECTION', 'default'),

    'provider' => Adldap\Laravel\Auth\DatabaseUserProvider::class,

    'model' => App\User::class,

    'rules' => [

        // Denies deleted users from authenticating.

        Adldap\Laravel\Validation\Rules\DenyTrashed::class,

        // Allows only manually imported users to authenticate.

        // Adldap\Laravel\Validation\Rules\OnlyImported::class,

    ],

    'scopes' => [

        // Only allows users with a user principal name to authenticate.
        // Suitable when using ActiveDirectory.
        // Adldap\Laravel\Scopes\UpnScope::class,

        // Only allows users with a uid to authenticate.
        // Suitable when using OpenLDAP.
        // Adldap\Laravel\Scopes\UidScope::class,

    ],

    'identifiers' => [

        'ldap' => [

            'locate_users_by' => 'uid',

            'bind_users_by' => 'distinguishedname',

        ],

        'database' => [

            'guid_column' => 'objectguid',

            'username_column' => 'username', //'email',

        ],

        'windows' => [

            'locate_users_by' => 'samaccountname',

            'server_key' => 'AUTH_USER',

        ],

    ],

    'passwords' => [

        'sync' => env('LDAP_PASSWORD_SYNC', false),

        'column' => 'password',

    ],

    'login_fallback' => env('LDAP_LOGIN_FALLBACK', false),

    'sync_attributes' => [

        //'email' => 'userprincipalname',

        'username' => 'uid',

        'name' => 'cn',

    ],

    'logging' => [

        'enabled' => env('LDAP_LOGGING', true),

        'events' => [

            \Adldap\Laravel\Events\Importing::class                 => \Adldap\Laravel\Listeners\LogImport::class,
            \Adldap\Laravel\Events\Synchronized::class              => \Adldap\Laravel\Listeners\LogSynchronized::class,
            \Adldap\Laravel\Events\Synchronizing::class             => \Adldap\Laravel\Listeners\LogSynchronizing::class,
            \Adldap\Laravel\Events\Authenticated::class             => \Adldap\Laravel\Listeners\LogAuthenticated::class,
            \Adldap\Laravel\Events\Authenticating::class            => \Adldap\Laravel\Listeners\LogAuthentication::class,
            \Adldap\Laravel\Events\AuthenticationFailed::class      => \Adldap\Laravel\Listeners\LogAuthenticationFailure::class,
            \Adldap\Laravel\Events\AuthenticationRejected::class    => \Adldap\Laravel\Listeners\LogAuthenticationRejection::class,
            \Adldap\Laravel\Events\AuthenticationSuccessful::class  => \Adldap\Laravel\Listeners\LogAuthenticationSuccess::class,
            \Adldap\Laravel\Events\DiscoveredWithCredentials::class => \Adldap\Laravel\Listeners\LogDiscovery::class,
            \Adldap\Laravel\Events\AuthenticatedWithWindows::class  => \Adldap\Laravel\Listeners\LogWindowsAuth::class,
            \Adldap\Laravel\Events\AuthenticatedModelTrashed::class => \Adldap\Laravel\Listeners\LogTrashedModel::class,

        ],
    ],

];

my loginController

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = RouteServiceProvider::HOME;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    public function username()
    {
        return 'username';
    }
}

Vergence007 commented 4 years ago

Morning, see below my Laravel log when I try to log in:

[2020-06-17 13:09:17] local.INFO: User 'Isaac Newton' has been successfully found for authentication.
[2020-06-17 13:09:17] local.INFO: User 'Isaac Newton' is being synchronized.
[2020-06-17 13:09:17] local.INFO: User 'Isaac Newton' has been successfully synchronized.
[2020-06-17 13:09:17] local.INFO: User 'Isaac Newton' is authenticating with username: ''
[2020-06-17 13:09:17] local.ERROR: A username must be specified. {"exception":"[object] (Adldap\Auth\UsernameRequiredException(code: 0): A username must be specified."

Vergence007 commented 4 years ago

Morning, after checking again, I noticed that:

1- I can log in with an account created after registering in Laravel, but can't use an account created in my database after the LDAP import.
2- dd(Auth::users()->attempt(['username'=>'newton', 'password'=>'password'])) does not work (error: username must be specified).
3- dd(Adldap::auth()->attempt('uid=newton,dc=example,dc=com', 'password')); works.
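
An added illustration, not part of the issue thread and not Adldap2's own code: the log line `authenticating with username: ''` is consistent with `bind_users_by` naming an attribute the located entry does not carry, since OpenLDAP exposes an entry's DN as `dn` rather than as an Active Directory-style `distinguishedname` attribute. The entry array and the functions `firstAttribute()` and `resolveBindUsername()` are constructed for this example and only model the attribute lookup.

```php
<?php
// Added example, not Adldap2 code: a stand-alone model of how a bind
// username is read from a located LDAP entry.

// Constructed entry, simplified from the shape ldap_get_entries() returns
// for an OpenLDAP user: lower-cased attribute keys, 'count' members, and
// the DN under the special 'dn' key (no 'distinguishedname' attribute).
$entry = [
    'uid'   => ['count' => 1, 0 => 'newton'],
    'cn'    => ['count' => 1, 0 => 'Isaac Newton'],
    'count' => 2,
    'dn'    => 'uid=newton,dc=example,dc=com',
];

/** First value of $attribute on $entry, or '' when the entry lacks it. */
function firstAttribute(array $entry, string $attribute): string
{
    $value = $entry[strtolower($attribute)] ?? '';
    if (is_array($value)) {
        $value = $value[0] ?? '';
    }
    return (string) $value;
}

/**
 * Hypothetical pre-flight check: resolve the bind name and refuse to go on
 * when it is empty, so an empty name never reaches the directory server.
 */
function resolveBindUsername(array $entry, string $bindUsersBy): string
{
    $username = firstAttribute($entry, $bindUsersBy);
    if ($username === '') {
        throw new RuntimeException(
            "bind_users_by '{$bindUsersBy}' is not set on {$entry['dn']}"
        );
    }
    return $username;
}

// Compare the value from the posted ldap_auth config with the OpenLDAP one.
foreach (['distinguishedname', 'dn'] as $attribute) {
    try {
        printf("%-18s => %s\n", $attribute, resolveBindUsername($entry, $attribute));
    } catch (RuntimeException $e) {
        printf("%-18s => REFUSED: %s\n", $attribute, $e->getMessage());
    }
}
```

Rejecting the empty name before the bind matters because an LDAP simple bind with an empty name and password is an anonymous bind, which many directory servers accept.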