-1
私はSymfonyにアプリケーションを持っています。ユーザーはOOSHを使用してFOSを使用してそこにログインします。 アクティブなディレクトリを使ってログインするオプションを追加する必要があります。 このバンドルをインストールしました:https://github.com/Maks3w/FR3DLdapBundleが動作するように構成することはできません。 設定とセキュリティファイルを投稿しています。どのようなアイデアを変更する必要がありますか?Symfony2、FosUserBundle、Oauth、FR3DLdapBundle
のsecurity.yml
security:
erase_credentials: false
encoders:
FOS\UserBundle\Model\UserInterface: sha512
#FOS\UserBundle\Model\UserInterface: plaintext
FR3D\LdapBundle\User\LdapUser: plaintext
providers:
chain_provider:
chain:
providers: [fos_userbundle, fr3d_ldapbundle]
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
fos_userbundle:
id: fos_user.user_provider.username_email
role_hierarchy:
ROLE_USER: ~
ROLE_ADMIN: [ROLE_USER]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
doc:
pattern: ^/api/doc/$
security: false
oauth_token:
pattern: ^/oauth/v2/token
security: false
passwords:
pattern: ^/api/password
security: false
# Poniżej są metory autoryzacji.
oauth_authorize:
pattern: ^/site|^/fos|^/api
fr3d_ldap: ~
fos_oauth: true
form_login:
provider: fos_userbundle
check_path: /fos/login_check
login_path: /fos/login
logout:
path: /fos/logout
target:/
anonymous: true
access_control:
- { path: ^/oauth/v2/auth_login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/users/[0-9]+/(avatar|wallpaper), roles: [ IS_AUTHENTICATED_FULLY ] }
- { path: ^/api/users, roles: [ ROLE_ADMIN ], methods: [POST, PUT] }
- { path: ^/api/groups, roles: [ ROLE_ADMIN ], methods: [POST, PUT] }
- { path: ^/api/menus, roles: [ ROLE_ADMIN ], methods: [POST, PUT] }
- { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
- { path: ^/ /, roles: IS_AUTHENTICATED_ANONYMOUSLY }
config.ymlは
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: doctrine_extensions.yml }
- { resource: services.yml }
framework:
#esi: ~
#translator: { fallback: "%locale%" }
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
#assets_version: SomeVersionScheme
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
# handler_id set to null will use default session handler from php.ini
handler_id: ~
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
# Assetic Configuration
assetic:
debug: "%kernel.debug%"
use_controller: false
bundles: [ ]
#java: /usr/bin/java
filters:
cssrewrite: ~
#closure:
# jar: "%kernel.root_dir%/Resources/java/compiler.jar"
#yui_css:
# jar: "%kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar"
# Doctrine Configuration
doctrine:
dbal:
default_connection: default
connections:
default:
driver: "%database_driver%"
host: "%database_host%"
port: "%database_port%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
charset: UTF8
axp:
driver_class: Realestate\MssqlBundle\Driver\PDODblib\Driver
#driver: "%database_driver2%"
host: "%database_host2%"
#server: "%database_host2%"
#port: "%database_port2%"
#dbname: "%database_name2%"
user: "%database_user2%"
password: "%database_password2%"
#charset: UTF8
orm:
default_entity_manager: default
entity_managers:
default:
connection: default
auto_mapping: true
axp:
connection: axp
mappings:
XtrdAxpPeopleBundle: ~
auto_generate_proxy_classes: "%kernel.debug%"
# Swiftmailer Configuration
swiftmailer:
transport: "%mailer_transport%"
host: "%mailer_host%"
username: "%mailer_user%"
password: "%mailer_password%"
spool: { type: memory }
fos_rest:
serializer:
serialize_null: true
routing_loader:
default_format: json
param_fetcher_listener: true
body_converter:
enabled: true
validate: true
body_listener:
array_normalizer: fos_rest.normalizer.camel_keys
decoders:
json: fos_rest.decoder.jsontoform
format_listener:
rules:
- { path: ^/api, priorities: [ html, json, xml ], fallback_format: html, prefer_extension: true }
- { path: ^/axp, priorities: [ html, json, xml ], fallback_format: html, prefer_extension: true }
- { path: ^/, priorities: [ html ], fallback_format: html, prefer_extension: false }
view:
serialize_null: true
view_response_listener: force
failed_validation: HTTP_UNPROCESSABLE_ENTITY
formats:
json: true
xml: true
nelmio_cors:
defaults:
allow_credentials: false
allow_origin: [ 'http://localhost:4200' ]
allow_headers: []
allow_methods: []
expose_headers: []
max_age: 0
hosts: []
paths:
'^/':
origin_regex: true
allow_origin: ['^http://localhost:[0-9]+', '^http://.*.Xtrd.com', '^http://localhost:8000+']
allow_headers: ['*']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS']
max_age: 3600
fos_oauth_server:
db_driver: orm
client_class: Xtrd\IntranetApiBundle\Entity\Client
access_token_class: Xtrd\IntranetApiBundle\Entity\AccessToken
refresh_token_class: Xtrd\IntranetApiBundle\Entity\RefreshToken
auth_code_class: Xtrd\IntranetApiBundle\Entity\AuthCode
service:
user_provider: fos_user.user_manager
#user_provider: fr3d_ldap.security.user.provider
fos_user:
db_driver: orm
firewall_name: oauth_authorize
user_class: Xtrd\IntranetApiBundle\Entity\User
group:
group_class: Xtrd\IntranetApiBundle\Entity\Group
parameters:
jms_serializer.camel_case_naming_strategy.class: JMS\Serializer\Naming\IdenticalPropertyNamingStrategy
jms_serializer:
handlers:
datetime:
default_format: "c" # ISO8601
default_timezone: "UTC" # defaults to whatever timezone set in php.ini or via date_default_timezone_set
property_naming:
separator:
lower_case: false
metadata:
cache: file
debug: "%kernel.debug%"
file_cache:
dir: "%kernel.cache_dir%/serializer"
auto_detection: true
directories:
FOSUserBundle:
namespace_prefix: "FOS\\UserBundle"
path: "@XtrdIntranetApiBundle/Resources/config/serializer/fos"
XtrdExchangeWebServicesBundle:
namespace_prefix: "Xtrd\\ExchangeWebServicesBundle"
path: "@XtrdIntranetApiBundle/Resources/config/serializer/ews"
XtrdIntranetApiBundle:
namespace_prefix: "Xtrd\\IntranetApiBundle"
path: "@XtrdIntranetApiBundle/Resources/config/serializer"
visitors:
json:
options: 128 # json_encode options bitmask
fr3d_ldap:
driver:
host: xtrd.com
#port: 389 # Optional
#username: # Optional
#password: # Optional
# bindRequiresDn: true
#baseDn: DC=Xtrd,DC=com
# accountFilterFormat: (&(uid=%s)) # Optional. sprintf format %s will be the username
#accountFilterFormat: (&(samaccountname=%s))
# optReferrals: false # Optional
#useSsl: false # Enable SSL negotiation. Optional
# useStartTls: true # Enable TLS negotiation. Optional
# accountCanonicalForm: 3 # ACCTNAME_FORM_BACKSLASH this is only needed if your users have to login with something like HOST\User
#accountDomainName:
#accountDomainNameShort: # if you use the Backslash form set both to Hostname than the Username will be converted to HOST\User
user:
baseDn: dc=xtrd,dc=com
filter: (&(objectClass=Person))
# filter: (&(objectClass=user))
attributes:
- { ldap_attr: samaccountname, user_method: setUsername }
# - { ldap_attr: userprincipalname, user_method: setUsername }
# - { ldap_attr: mail, user_method: setEmail }
# - { ldap_attr: givenname, user_method: setFirstName }
# - { ldap_attr: sn, user_method: setLastName }
# - { ldap_attr: description, user_method: setDescription }
# - { ldap_attr: password, user_method: setPassword }
#service:
#user_manager: fos_user.user_manager # Overrides default user manager
#ldap_manager: fr3d_ldap.ldap_manager.default # Overrides default ldap manager
使用しているSymfonyのバージョンは?なぜ新しい2.8 LDAPコンポーネントを使用しないのですか? http://symfony.com/blog/new-in-symfony-2-8-ldap-component – LBA
私は2.6.11を使用しています。私はFOSを使用しているので、私はFOSに基づいてクラスを使用しようとしています。 – BigBazooka007