Maks3w / FR3DLdapBundle

This bundle integrates LDAP Authentication with any user manager (Ex: FOSUserBundle)

Problem with chain_provider and Zend ldap_bind #127

Closed lucasaba closed 8 years ago

lucasaba commented 8 years ago

I have a chain provider which uses fos_userbundle and fr3d_ldapbundle. I've recently updated my composer.json and the chain stopped working. When I log in with an LDAP user, there's no problem. But when I try to log in with a FOSUser I get a "Warning: ldap_bind(): Unable to bind to server: Invalid credentials".

The exception is raised from "zendframework/zend-ldap/src/Ldap.php". I've managed to bypass the exception with this code:

```php
# FR3D\LdapBundle\Security\Authentication\LdapAuthenticationProvider

try {
    if (!$this->ldapManager->bind($user, $presentedPassword)) {
        throw new BadCredentialsException('The presented password is invalid.');
    }
} catch (\Exception $e) {
    return false;
}
```

The problem came after upgrading my composer.json:

Previous versions: zendframework/zend-ldap (2.2.10) fr3d/ldap-bundle (v2.0.0)

Problematic versions: fr3d/ldap-bundle (v3.0.0) zendframework/zend-ldap (2.7.0)

What would be the right way to solve the problem?
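
A narrower form of the workaround above, as an added example that is not part of the original thread or of FR3DLdapBundle: a bind failure, whether it arrives as a `false` return, an exception or a PHP warning, is re-raised as a credentials exception instead of being swallowed, so the check fails closed and a caller that tries several providers can move on to the next one. The exception class, `checkLdapPassword()`, `attempt()` and the bind stubs are hypothetical stand-ins, and the example assumes, as in Symfony's authentication providers, that a rejected login is signalled by an exception rather than by a return value.

```php
<?php
// Added illustration. All names here are hypothetical stand-ins, not code from
// FR3DLdapBundle, Symfony or zend-ldap.

class BadCredentialsException extends \RuntimeException {}

/**
 * Fail-closed password check. $bind is callable(string $user, string $password): bool
 * and stands in for the LDAP manager's bind(). Returns only when the bind succeeded.
 */
function checkLdapPassword(callable $bind, string $user, string $password): void
{
    // Turn warnings (like the ldap_bind() one quoted above) into exceptions for this call only.
    set_error_handler(static function (int $no, string $msg, string $file, int $line) {
        throw new \ErrorException($msg, 0, $no, $file, $line);
    }, E_WARNING | E_USER_WARNING);
    try {
        $ok = $bind($user, $password);
    } catch (\Throwable $e) {
        // Reject the login and keep the cause for the logs; never return normally here.
        throw new BadCredentialsException('LDAP bind failed.', 0, $e);
    } finally {
        restore_error_handler();
    }
    if ($ok !== true) {
        throw new BadCredentialsException('The presented password is invalid.');
    }
}

/** Runs one check and reports the outcome as a string. */
function attempt(callable $bind): string
{
    try {
        checkLdapPassword($bind, 'constructed-user', 'constructed-password');
        return 'accepted';
    } catch (BadCredentialsException $e) {
        return 'rejected (' . $e->getMessage() . ')';
    }
}

// Constructed bind stubs covering the three outcomes.
$warns = static function (): bool {
    trigger_error('Unable to bind to server: Invalid credentials', E_USER_WARNING);
    return false;
};
$fails = static function (): bool { return false; };
$binds = static function (): bool { return true; };

foreach (['warning' => $warns, 'false' => $fails, 'success' => $binds] as $name => $bind) {
    echo $name, ': ', attempt($bind), PHP_EOL;
}
```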

Maks3w commented 8 years ago

Have you followed the upgrade guide to v3? https://github.com/Maks3w/FR3DLdapBundle/blob/master/UPGRADE-3.0.md

lucasaba commented 8 years ago

I didn't see that... I've made the changes, but the try-catch still solves the problem (while without it I can't authenticate).

My config is as follows:

```yaml
#config.yml
fr3d_ldap:
    ...
    user:
        baseDn: DC=my,DC=domain,DC=it
        usernameAttribute: samaccountname
        attributes:
            - { ldap_attr: samaccountname,  user_method: setUsername }
            - { ldap_attr: givenname,  user_method: setNome }
            - { ldap_attr: mail,  user_method: setEmail }
            - { ldap_attr: sn,  user_method: setCognome }
```

```yaml
#security.yml
    ...
    providers:
        chain_provider:
            chain:
                providers: [ fos_userbundle, fr3d_ldapbundle ]
        fr3d_ldapbundle:
            id: fr3d_ldap.security.user.provider
        fos_userbundle:
            id: fos_user.user_provider.username
...
firewalls:
    main:
        pattern: ^/
        fr3d_ldap:  ~
        form_login:
            provider: chain_provider
```

Maks3w commented 8 years ago

Seems @heiglandreas messed up the error handler and introduced a BC break: https://github.com/zendframework/zend-ldap/pull/21

Not an issue of this project. Blame the zend-ldap maintainer.

Maks3w commented 8 years ago

https://github.com/zendframework/zend-ldap/pull/47

lucasaba commented 8 years ago

:+1:

heiglandreas commented 8 years ago

Taking the blame! Apologies! As a workaround, require dev-master of Zend\Ldap. I'll see to tagging that ASAP!!!

lucasaba commented 8 years ago

"The only man who makes no mistakes is the man who never does anything" :)

heiglandreas commented 8 years ago

Yeah! True words 😄

I've tagged the new release 2.7.1 of zend-ldap that contains the fix to the issue. So a composer update should fix the issue.