Yamuna

Reputation: 71

Zend LDAP authentication - How to setIdentity and getIdentity

I am using adldap library to authenticate users against Active Directory. Below is the piece of code I use to authenticate

$username = $_POST['username'];
$password = $_POST['password'];

require_once '/adlap/adLDAP.php';

try {
  $adldap = new adLDAP();
}
catch (adLDAPException $e) {
  echo $e;
  exit();   
}

$authUser = $adldap->user()->authenticate($username, $password);

How should I setIdentity for the user?

In Login system where we store username and password we can setIdentity as mentioned below

$adapter = $this->_getAuthAdapter();
$adapter->setIdentity($values['username']);
$adapter->setCredential($values['password']);


protected function _getAuthAdapter() {
    $dbAdapter = Zend_Db_Table::getDefaultAdapter();
    $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);

    $authAdapter->setTableName('users')
                ->setIdentityColumn('username')
                ->setCredentialColumn('password')
                ->setCredentialTreatment('SHA1(CONCAT(?,salt))');

    return $authAdapter;
}

I am not storing password in Database and checking it directly against Active Directory. So I couldn't use the above solution. How shall I setIdentity of users so that I can check if user hasIdentity() like this

$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
}

I referred to the following Stack Overflow question: "Get display name for Zend LDAP Authentication". However, I am not sure how we shall "get('LDAP_host')" from Zend Registry and how we should set it before. Below is the line of code I'm confused with: 'host' => Zend_Registry::get('LDAP_host'),

Can someone please help me?

Upvotes: 0

Views: 916

Answers (1)

heiglandreas

Reputation: 3861

Zend_Registry::get('LDAP_host') simply returns the hostname of your LDAP server. Somewhere before that line of code you will find a line similar to Zend_Registry::set('LDAP_host', 'ldap.example.com') which sets ldap.example.com as the LDAP server.

getAuthAdapter() in your case returns an instance of Zend_Auth_Adapter_DbTable but you want an instance of Zend_Auth_Adapter_Ldap. So you will have to either call a different method/function getLdapAuthAdapter() or rewrite the current method.

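public function getLdapAuthAdapter() {
    // Zend_Auth_Adapter_Ldap expects an array of server option arrays,
    // keyed by an arbitrary server name ('server1' here).
    return new Zend_Auth_Adapter_Ldap(array(
        'server1' => array(
            'host'                    => 'ldap.example.com',
            'accountDomainName'       => 'example.com',
            'accountDomainNameShort'  => 'EXAMPLE',
            'accountCanonicalForm'    => 3,
            // Bind account used for the lookup (placeholder values).
            'username'                => "CN=user1,DC=example,DC=com",
            'password'                => 'pass1',
            'baseDn'                  => "DC=example,DC=com",
            'bindRequiresDn'          => true,
        ),
    ));
}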

$adapter = $this->getLdapAuthAdapter();
$adapter->setIdentity($values['username']);
$adapter->setCredential($values['password']);
$result = $adapter->authenticate();

Hope that somehow helps.

Upvotes: 1
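
For the hasIdentity() part of the question, the code below is an added example (not from the original answer) that passes the LDAP adapter through Zend_Auth so the identity is stored in the session. It assumes Zend Framework 1 is on the include path and an Active Directory server that supports StartTLS and accepts a direct bind as EXAMPLE\user; loginWithLdap() is a hypothetical helper, 'server1' is an arbitrary label, and the example.com values are placeholders.

```php
<?php
// Added illustration; assumes Zend Framework 1 is on the include path.
require_once 'Zend/Loader/Autoloader.php';
Zend_Loader_Autoloader::getInstance();

// Bootstrap: set the LDAP host once so Zend_Registry::get() can return it later.
Zend_Registry::set('LDAP_host', 'ldap.example.com'); // placeholder host

// Hypothetical helper: check the credentials against AD and persist the identity.
function loginWithLdap($username, $password)
{
    // The adapter expects an array of server option arrays keyed by a label.
    $options = array('server1' => array(
        'host'                   => Zend_Registry::get('LDAP_host'),
        'useStartTls'            => true, // do not send the bind password in clear text
        'accountDomainName'      => 'example.com',
        'accountDomainNameShort' => 'EXAMPLE',
        'accountCanonicalForm'   => 3,    // identity is stored as EXAMPLE\user
        'baseDn'                 => 'DC=example,DC=com',
    ));
    $adapter = new Zend_Auth_Adapter_Ldap($options, $username, $password);

    // Zend_Auth::authenticate() runs the adapter AND writes the identity to
    // session storage; calling $adapter->authenticate() alone does not.
    $result = Zend_Auth::getInstance()->authenticate($adapter);

    if (!$result->isValid()) {
        // Messages can contain directory details: log them, never echo them.
        error_log('LDAP login failed: ' . implode(' | ', $result->getMessages()));
        return false;
    }

    Zend_Session::regenerateId(); // new session id after login (session fixation)
    return true;
}

if (isset($_POST['username'], $_POST['password'])
    && loginWithLdap($_POST['username'], $_POST['password'])) {
    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) { // also true on later requests in this session
        echo 'Logged in as ' . htmlspecialchars($auth->getIdentity(), ENT_QUOTES, 'UTF-8');
    }
}
```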
