Bind method missing
Closed this issue · 2 comments
georg94 commented
It would be nice to have a bind method in order to validate username and password via LDAP.
LDAPConnection.class.php
[...]
public function bind($username = null, $password = null) {
if (false === ($res = ldap_bind($this->handle, $username, $password))) {
switch ($error = ldap_errno($this->handle)) {
case -1:
case LDAP_SERVER_DOWN:
throw new ConnectException('Cannot connect to ' . $this->url);
default:
throw new LDAPException('Cannot bind for "'. $username.'"', $error);
}
}
}
[...]
Usage would be:
$ladpConn = new LDAPConnection($dsn);
// needed to initialize $this->handle
$ladpConn->connect();
// now it is possible to check username and password
try {
$this->ldapConn->bind(
sprintf('uid=%s,ou=Accounts,o=Org,c=DE', $username),
$password);
} catch (LDAPException $ex) {
if ($ex->getErrorCode() === 49) {
// not authenticated
return false;
} else {
throw $ex;
}
}
// authenticated
thekid commented
The confusion might stem from LDAPClient
, which had separate bind()
and connect()
methods. However, you don't really need both. You can use the following:
$ldap= new LDAPConnection('ldap://ldap.example.com/'); // Do not provide credentials here
// Then call connect() and explicitely pass user DN and password
try {
$ldap->connect(sprintf('uid=%s,ou=accounts,o=org,c=DE', $username), $secret);
return true; // Authenticated
} catch (LDAPException $e) {
throw $e; // Connect and/or login failed, use $e->getCode() to distinguish
} finally {
$ldap->close();
}
thekid commented
Reopen if that doesn't work for you