/**
 * Exercises the second constructor argument of AuthenticationProviderManager.
 *
 * With the argument omitted, the token returned by authenticate() must report
 * empty credentials; with `false` passed, it must still report the original
 * 'bar'. In practice this decides whether the plaintext password stays on the
 * token after a successful login.
 */
public function testEraseCredentialFlag()
{
    $tokenInterface = 'Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface';

    // Case 1: manager built without the flag.
    $original = new UsernamePasswordToken('foo', 'bar', 'key');
    $provider = $this->getAuthenticationProvider(true, $original);
    $manager = new AuthenticationProviderManager(array($provider));
    $result = $manager->authenticate($this->getMock($tokenInterface));
    // assertEquals compares loosely, so a null credential also satisfies ''.
    $this->assertEquals('', $result->getCredentials());

    // Case 2: same setup, but `false` as the manager's second argument.
    $original = new UsernamePasswordToken('foo', 'bar', 'key');
    $provider = $this->getAuthenticationProvider(true, $original);
    $manager = new AuthenticationProviderManager(array($provider), false);
    $result = $manager->authenticate($this->getMock($tokenInterface));
    // The password is still readable from the returned token in this mode.
    $this->assertEquals('bar', $result->getCredentials());
}
/**
 * Authenticate with SimpleSAMLphp.
 *
 * Picks a token/provider pair (pre-authenticated or SSP), wraps the provider
 * in a single-provider AuthenticationProviderManager and returns whatever that
 * manager's authenticate() call yields.
 *
 * @return null|\Symfony\Component\Security\Core\Authentication\Token\TokenInterface
 */
public function authenticate()
{
    $janusConfig = sspmod_janus_DiContainer::getInstance()->getConfig();

    // User provider: resolves users and their secrets.
    $users = new UserService($this->getEntityManager(), $janusConfig);

    // NOTE(review): the branch is chosen from self::$preAuth, while the values
    // are read from static::$preAuth; a subclass that redeclares $preAuth
    // would make the two differ. Confirm which one is intended.
    if (!self::$preAuth) {
        // Default path: SSP is the authentication provider.
        $token = new SspToken();
        $provider = new SspProvider($users, $janusConfig);
    } else {
        // REST API v1 and the Installer arrive pre-authenticated. The token is
        // built with empty credentials, so no secret is verified in this
        // method; the trust decision rests on whatever populated $preAuth
        // (not visible here). Confirm only trusted code can set it.
        $token = new PreAuthenticatedToken(
            static::$preAuth['user'],
            '',
            static::$preAuth['provider']
        );
        $provider = new PreAuthenticatedAuthenticationProvider(
            $users,
            new \Symfony\Component\Security\Core\User\UserChecker(),
            static::$preAuth['provider']
        );
    }

    // A custom authentication manager holding just that one provider.
    $manager = new AuthenticationProviderManager(array($provider));

    // Authenticating through the manager triggers SSP (on the default path),
    // which puts its information into our custom token.
    return $manager->authenticate($token);
}
backend: provider: app_users pattern: ^/admin logout: path: logout target: login form_login_ldap: service: app.ldap dn_string: CN={username},OU=Users,DC=example,DC=com check_path: login_check login_path: login */

// Standalone example: bind-authenticate one user against a local LDAP server
// through Symfony's AuthenticationProviderManager.

// NOTE(review): port 389 and no encryption setting in $config. Unless the
// adapter is configured for StartTLS/LDAPS elsewhere, both the search-account
// bind and the user bind presumably cross the connection in cleartext.
// Acceptable for localhost, not for a remote directory.
$config = ['host' => 'localhost', 'port' => 389];
$baseDn = 'dc=openldap,dc=com';
$adapter = new Adapter($config);
$adapter->getConnection()->setOption('PROTOCOL_VERSION', 3);
$ldap = new Ldap($adapter);

// To use full DN string as a login, replace filter parameter.
// Use `cn` as uidKey, default is Active Directory specific.
// NOTE(review): the third and fourth arguments are the search DN and its
// password, hard-coded here as sample values; real code should load them from
// configuration or a secret store, and the search account should be read-only.
$userProvider = new LdapUserProvider($ldap, $baseDn, 'cn=admin,ou=admins,' . $baseDn, 'admin', [], 'cn');

// If anonymous search is enabled.
//$userProvider = new LdapUserProvider($ldap, $baseDn, null, null, [], 'cn');

// Without the search DN string provider cannot perform search.
//$userProvider = new LdapUserProvider($ldap, 'dc=openldap,dc=com', null, null, [], 'cn');

// The bind DN is built from the 'cn={username},ou=People,...' template.
// NOTE(review): the trailing `false` is, in Symfony's signature, the
// hideUserNotFoundExceptions flag; with it off, callers can tell "unknown
// user" from "wrong password", which allows account enumeration if the
// exception message is shown to the client.
$authProvider = new LdapBindAuthenticationProvider($userProvider, new UserChecker(), 'ldap', $ldap, 'cn={username},ou=People,' . $baseDn, false);
$authManager = new AuthenticationProviderManager([$authProvider]);

// To use DN as login the provider should be tuned.
// Sample credentials: username and password are both 'user1', provider key 'ldap'.
$unAuthToken = new UsernamePasswordToken('user1', 'user1', 'ldap');
$token = $authManager->authenticate($unAuthToken);
$result = $token->isAuthenticated();

// 'Good!' is printed whatever $result holds; read the dumped boolean, not the
// label. A failed bind is expected to surface as an exception from
// authenticate() before this line is reached (TODO confirm).
var_dump('Good!', $result);
/**
 * {@inheritdoc}
 *
 * Authenticates $token through a one-provider manager, stores the resulting
 * token in token storage and in the session, then dispatches the
 * interactive-login event and returns the authenticated token.
 */
public function authenticate(TokenInterface $token)
{
    $manager = new AuthenticationProviderManager([
        new DaoAuthenticationProvider(
            $this->userProvider,
            $this->userChecker,
            $this->firewall,
            $this->encoderFactory
        ),
    ]);

    // Any exception thrown here propagates, so nothing below runs on failure.
    $loggedInToken = $manager->authenticate($token);

    // From this point on the user counts as logged in.
    $this->tokenStorage->setToken($loggedInToken);

    // The token is persisted in serialized form under the firewall's key.
    // NOTE(review): the session id is not regenerated in this method; confirm
    // that a session-migration step runs elsewhere on login, otherwise a
    // pre-login session id stays valid after authentication.
    // NOTE(review): whatever the token still carries (roles, user object,
    // credentials if the manager did not erase them) ends up in session
    // storage, and is presumably unserialized again on later requests.
    $this->session->set("_{$this->firewall}", serialize($loggedInToken));

    // Tell listeners about the interactive login.
    $this->eventDispatcher->dispatch(
        'security.interactive_login',
        new InteractiveLoginEvent($this->request, $loggedInToken)
    );

    return $loggedInToken;
}