xp-framework/ldap

Bind method missing

Closed this issue · 2 comments

It would be nice to have a bind method in order to validate username and password via LDAP.

LDAPConnection.class.php

[...]
  public function bind($username = null, $password = null) {
    if (false === ($res = ldap_bind($this->handle, $username, $password))) {
      switch ($error = ldap_errno($this->handle)) {
        case -1:
        case LDAP_SERVER_DOWN:
          throw new ConnectException('Cannot connect to ' . $this->url);
        default:
          throw new LDAPException('Cannot bind for "'. $username.'"', $error);
      }
    }
  }
[...]

Usage would be:

$ldapConn = new LDAPConnection($dsn);
// needed to initialize $this->handle
$ldapConn->connect();

// now it is possible to check username and password
try {
  $ldapConn->bind(
    sprintf('uid=%s,ou=Accounts,o=Org,c=DE', $username),
    $password);
} catch (LDAPException $ex) {
  if ($ex->getErrorCode() === 49) {
    // not authenticated
    return false;
  } else {
    throw $ex;
  }
}
// authenticated

The confusion might stem from LDAPClient, which had separate bind() and connect() methods. However, you don't really need both. You can use the following:

$ldap= new LDAPConnection('ldap://ldap.example.com/');  // Do not provide credentials here

// Then call connect() and explicitly pass user DN and password
try {
  $ldap->connect(sprintf('uid=%s,ou=accounts,o=org,c=DE', $username), $secret);
  return true;  // Authenticated
} catch (LDAPException $e) {
  throw $e;     // Connect and/or login failed, use $e->getCode() to distinguish
} finally {
  $ldap->close();
}

Reopen if that doesn't work for you
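
Both snippets in this thread build the bind DN with sprintf() from the submitted username and pass the password straight to the bind. The following is an added example, not part of the thread and not xp-framework/ldap code, showing the two checks such a login path usually needs first: rejecting empty passwords and escaping the username for use in a DN. The function names `bindDnFor` and `checkCredentials` are hypothetical, the DN layout is the one from the issue, and the directory is replaced by a constructed stub so the script runs offline.

```php
<?php
// Added example, not xp-framework/ldap code. Needs PHP's ldap extension for ldap_escape().

/** Returns the bind DN for untrusted input, or null when no bind must be attempted. */
function bindDnFor(string $username, string $password): ?string {
  // A DN with an empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2);
  // servers may report success for it, which would read as a valid login.
  if ('' === $username || '' === $password) return null;

  // NUL bytes can truncate values once they reach the C library.
  if (false !== strpos($username . $password, "\0")) return null;

  // Escape DN metacharacters so the input stays one RDN value.
  $uid = ldap_escape($username, '', LDAP_ESCAPE_DN);
  return sprintf('uid=%s,ou=Accounts,o=Org,c=DE', $uid);
}

/**
 * $connect is a callable($dn, $password) that binds and throws on failure,
 * e.g. a wrapper around the connect() call shown in the reply (assumption).
 */
function checkCredentials(callable $connect, string $username, string $password): bool {
  if (null === ($dn = bindDnFor($username, $password))) return false;
  $connect($dn, $password);
  return true;
}

// Constructed stand-in for the directory: accepts exactly one DN/password pair.
$stub = function(string $dn, string $password): void {
  if ('uid=alice,ou=Accounts,o=Org,c=DE' !== $dn || 's3cret' !== $password) {
    throw new RuntimeException('Cannot bind for "' . $dn . '"');
  }
};

// Constructed sample inputs: valid login, empty password, DN metacharacters.
$samples = [['alice', 's3cret'], ['alice', ''], ['alice,ou=Admins', 'x']];
foreach ($samples as [$user, $pass]) {
  try {
    $result = checkCredentials($stub, $user, $pass) ? 'authenticated' : 'rejected before bind';
  } catch (RuntimeException $e) {
    $result = $e->getMessage();
  }
  printf("%-18s %s\n", $user, $result);
}
```

The third sample shows the escaped DN in the stub's error message: the comma and equals sign in the username arrive as hex escapes inside the uid value instead of adding an RDN.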