How to use ldap in UserIdentity for authentication
It took me a while to get ldap auth working with yii, so I write it down here, maybe it can be of some use.
Yii does not have a ldap class by itself, but you can extend it for example with Zend classes. To authenticate users at you page via ldap, change protected/components/UserIdentity.php in the following way:
On top of the file add:
Yii::import('application.vendors.*'); require_once('Zend/Ldap.php');
Delete or comment out everything in the authenticate() function. Then add
$options = array( 'host' => 'your.ldap.host.com', 'username' => 'your_admin_users_username', 'password' => 'your_admin_users_password', 'baseDn' => 'your_base_dn', 'useStartTls' => true, # if you need startTls ); $ldap = new Zend_Ldap($options); try{ $ldap->bind("cn=".$this->username.",your_base_dn", $this->password); $auth=true; } catch (Exception $e){ $auth=false; } if($auth===true) { $this->errorCode=self::ERROR_NONE; } return !$this->errorCode;
For this to work you need Exception.php, Ldap.php and the Ldap folder from the library folder of a Zend installation in the folder protected/vendors/Zend
Total 4 comments:
There is a way to store the admin_users_password in an encrypted way as is the case in the Active directory?
because right now, the password is shown in clear in the UserIdentity.php and the Active Directory admins will not appreciate that.
Thanks
You guys should take a look at this: http://adldap.sourceforge.net/
I've done the same thing with 6 lines of code. Couldn't be simpler! :)
That don't really work...