search

BlackbitDigitalCommerce / pimcore-ldap-bundle

LDAP bundle for Pimcore
GNU General Public License v3.0
27 stars 9 forks source link

Bundle Behavior #19

Open zangab opened 2 years ago

zangab commented 2 years ago

Hi 👋 I have a question to the use-case of this bundle. Does this explicitly log in users via LDAP? Meaning if a user is not in LDAP (like the local admin user) he can not log in? Or does it also check local users?

Thx. 🙏

BlackbitDevs commented 2 years ago

First it is always checked locally in the Pimcore database if a user with the given credentials exists. Only if not, the bundle asks the LDAP server if the credentials match there. If yes, it is checked if there already is a Pimcore user account with the given username. If not, it gets created. Finally the user gets logged in. If LDAP credentials either does not match, then user gets the default message from Pimcore as if there was no LDAP involved.

rushitkhunt1996 commented 8 months ago

Hi @BlackbitDevs this bundle is not working for me to create a new user if we do not have a user on PIMCORE with PIM 10.

We have upgraded pimcore from 6 to 10, it is working fine on PIM 6 but not on PIM 10. I can login with an existing user even if we change the password from LDAP then as well I can login with new password on PIM, so the LDAP connection is working fine but the new user creation is not working.

can you please guide me?

BlackbitDevs commented 8 months ago

Hi @rushitkhunt1996 ,

what exactly happens if you log in with a user who does not exist in Pimcore yet via LDAP? Do you get redirected to login again? Any errors in log?

rushitkhunt1996 commented 8 months ago

Hi @BlackbitDevs

when I enter correct username and password and click on login it's redirect me on login page and throws "Login Failed!!" error if user is not exist in PIM.

Also there is no log related to LDAP or Login Atheratication on log file.

This are my configuration

blackbit_digital_commerce/pimcore-ldap : v1.5.2 with PIM 10

config/services.yaml

     Symfony\Component\Ldap\Ldap:
         arguments:
         - '@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter'
     Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
         arguments:
         - host: [jdl.com](http://jdl.com/)
           port: ***
           encryption: none
           options:
            protocol_version: 3
            referrals: false

config/config.yaml

    alep_ldap:
        enabled: true
        base_dn: 'dc=example,dc=com'
        search_dn: 'CN=PIM_ldap,OU=System Accounts,DC=example,DC=com'
        search_password: ******************
        default_roles:
            - ReadOnly

config/packages/security.yaml

   custom_authenticators:
          - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminLoginAuthenticator
          - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminTokenAuthenticator
          - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminSessionAuthenticator
BlackbitDevs commented 7 months ago

Could you please write to help@blackbit.com? We are focussing on Pimcore SSO bundle for SSO authentication. Of course we can also fix this LDAP bundle to work for your case but we cannot do this for free, sorry.