Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Ldap] Mismatching configuration between LdapClient and AbstractConnection #19008

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Julien-Marcou opened this issue Jun 9, 2016 · 9 comments
Closed

[Ldap] Mismatching configuration between LdapClient and AbstractConnection #19008

Julien-Marcou opened this issue Jun 9, 2016 · 9 comments
Labels
Ldap

Comments

@Julien-Marcou
Copy link

Description

When using the Ldap component of Symfony 3.1, binding an LdapClient results in an UndefinedOptionsException.

You can easily reproduce this bug by doing this

$client = new \Symfony\Component\Ldap\LdapClient('your-ldap-host');
$client->bind(); // Throws UndefinedOptionsException

What is happening

When creating an instance of LdapClient, a configuration is created using the arguments of the constructor

// Symfony/Component/Ldap/LdapClient.php
// __constructor($host = null, $port = 389, $version = 3, $useSsl = false, $useStartTls = false, $optReferrals = false, LdapInterface $ldap = null)

$config = array(
    'host' => $host,
    'port' => $port,
    'version' => $version,
    'useSsl' => (bool) $useSsl,
    'useStartTls' => (bool) $useStartTls,
    'optReferrals' => (bool) $optReferrals,
);

and an instance of Ldap is automatically created

// Symfony/Component/Ldap/LdapClient.php
// __constructor($host = null, $port = 389, $version = 3, $useSsl = false, $useStartTls = false, $optReferrals = false, LdapInterface $ldap = null)

$this->ldap = null !== $ldap ? $ldap : Ldap::create('ext_ldap', $config);

Which results in instanciating a new Symfony\Component\Ldap\Adapter\ExtLdap\Adapter using the configuration defined above

// Symfony/Component/Ldap/Ldap.php

private static $adapterMap = array(
    'ext_ldap' => 'Symfony\Component\Ldap\Adapter\ExtLdap\Adapter',
);
// Symfony/Component/Ldap/Ldap.php
// create($adapter, array $config = array()) method

$class = self::$adapterMap[$adapter];
return new self(new $class($config));

Then when calling the bind() method of the LdapClient, which call the bind() method of the Ldap, which call the getConnection() method of the Adapter, it results in instanciating a new Symfony\Component\Ldap\Adapter\ExtLdap\Connection using the configuration defined above

But this Connection defines its own configuration format

// Symfony/Component/Ldap/Adapter/AbstractConnection.php
// configureOptions(OptionsResolver $resolver) method

$resolver->setAllowedTypes('host', 'string');
$resolver->setAllowedTypes('port', 'numeric');
$resolver->setAllowedTypes('connection_string', 'string');
$resolver->setAllowedTypes('version', 'numeric');
$resolver->setAllowedValues('encryption', array('none', 'ssl', 'tls'));
$resolver->setAllowedTypes('options', 'array');

Which does not match the original configuration defined in the LdapClient, resulting in a UndefinedOptionsException when the OptionResolver tries to resolve the given configuration.
@fabpot
Copy link
Member

fabpot commented Jun 9, 2016

I think this has been fixed now in 3.1@dev. Can you confirm?

@csarrazi
Copy link
Contributor

csarrazi commented Jun 9, 2016

This should be fixed, indeed.

Also, as a reminder, the LdapClient class should not be used unless you need it for backward compatibility reasons.

@Julien-Marcou
Copy link
Author

Julien-Marcou commented Jun 9, 2016
edited
Loading

Yep, it's fixed in the dev version, I didn't saw it.

LdapClient now calls the normalizeConfig() method, which maps the LdapClient constructor parameters to the AbstractConnection configuration format.

@csarrazi I didn't used LdapClient, it was for the demonstration purpose, in my case it was happening when trying to login with a "form_login_ldap" firewall.

@csarrazi
Copy link
Contributor

csarrazi commented Jun 9, 2016

Okay!
Thanks for the confirmation, by the way! :)

@diabl0
Copy link

diabl0 commented Jun 9, 2016
edited
Loading

@Julien-Marcou : can you share example of services.yml which uses Symfony\Component\Ldap\Ldap
Unfortutnently symfony doc and cookbooks are outdated (i'm using 3.1), and i wasn't able figure it out by myself :(

@csarrazi
Copy link
Contributor

csarrazi commented Jun 9, 2016
edited
Loading

The docs haven't been updated for 3.1 yet, indeed.

@csarrazi
Copy link
Contributor

csarrazi commented Jun 9, 2016
edited
Loading

For an example:

ldap:
        class: Symfony\Component\Ldap\Ldap
        factory: [ 'Symfony\Component\Ldap\Ldap', 'create']
        arguments:
            - ext_ldap
            - host: ldap.forumsys.com
              debug: true

In short:

  • You should use the Ldap::create() factory to create your service.
  • There are two arguments:
    • The string associated to the adapter you wish to use. Only one is supported for now, which is ext_ldap.
    • The options array.

Some options are global (host, port, encryption, version, connection_string). Options specific to the implementation (ext_ldap) are also present in the main array (debug, for example, which is a shorthand for increasing verbosity for error messages), as well as the options sub-array (you may actually pass any option as defined in the ConnectionOptions class, using snake_case.

E.g.

<?php
use Symfony\Component\Ldap\Ldap;

$ldap = Ldap::create('ext_ldap', array(
    'host' => 'my-ldap-host',
    'encryption' => 'ssl',
    'version' => 3,
    'debug' => true,
    'options' => array(
        'timelimit' => 2,
        'sizelimit' => 5,
        'network_timeout' => 10,
        'referrals' => true,
    ),
));

@mipapo mipapo mentioned this issue Sep 22, 2016
Closed
@AlimjanNL
Copy link

In Symfony 3.1.6 get LDAP instance should like this:

        $config=[
            "connection_string"=>"ldaps://dev-env.com",
            "port"=>555,
            "version"=>3,
            "encryption"=>'ssl',
            "debug"=>true,
        ];
$ldap = Ldap::create("ext_ldap",$config);
$ldap->bind($bindUser, $bindUserPassword);
$data=$ldap->query($ldapBaseDn,$filter);

config "host" key is not working.

@csarrazi
Copy link
Contributor

csarrazi commented Nov 1, 2016

You should not use connection_string in combination with either host or port.
I will update the code so that an exception is thrown if it is the case.

You should either change your configuration and use host instead of connection_string (with the value dev-env.com), or remove the port option, and only use a connection string with the port inside (i.e. ldaps://dev-env.com:555).

In short, host + port and connection_string are intended to be mutually exclusive.

nietonfir pushed a commit to nietonfir/symfony-docs that referenced this issue Jan 26, 2017
Use the Ldap factory in the ldap service definition
62b3b2d 
as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008
nietonfir pushed a commit to nietonfir/symfony-docs that referenced this issue Jan 26, 2017
Use the Ldap factory in the ldap service definition
2afbe31 
as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008
@nietonfir nietonfir mentioned this issue Jan 26, 2017
Merged
nietonfir pushed a commit to nietonfir/symfony-docs that referenced this issue Jan 30, 2017
Use the Ldap factory in the ldap service definition
45e8da5 
as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008, symfony#6982
nietonfir pushed a commit to nietonfir/symfony-docs that referenced this issue Jan 30, 2017
Use the Ldap factory in the ldap service definition
1cfe6e7 
as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008, symfony#6982
nietonfir pushed a commit to nietonfir/symfony-docs that referenced this issue Jan 30, 2017
Use the Ldap factory in the ldap service definition
7ba300c 
as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008, symfony#6982
javiereguiluz added a commit to symfony/symfony-docs that referenced this issue Jan 2, 2018
@javiereguiluz
minor #7413 Use the Ldap factory in the ldap service definition (csar…
a2a77a9 
…razi)

This PR was merged into the 3.3 branch.

Discussion
----------

Use the Ldap factory in the ldap service definition

as LdapClient has been marked deprecated in 3.1.

Refs symfony/symfony#19008

@csarrazi Hope this is correct.

Commits
-------

d428f8d Updated LDAP documentation for Symfony 3.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Ldap
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@fabpot @javiereguiluz @csarrazi @diabl0 @Julien-Marcou @AlimjanNL