[Ldap] Added the possibility to configure all available Ldap options for connection#18725
Conversation
|
@fabpot I know it is already quite late, and that we are currently in the stabilisation step of the release, but this would really be a welcome addition (easier debugging, for example). |
| } | ||
|
|
||
| return $value; | ||
| $resolver->setAllowedTypes('host', 'string'); |
There was a problem hiding this comment.
Take into account that OptionsResolver has fluent setters, which allows you to chain multiple calls.
| 'useSsl' => false, | ||
| 'useStartTls' => false, | ||
| 'optReferrals' => false, | ||
| 'connectionString' => null, |
There was a problem hiding this comment.
This should be connection_string. All options in Symfony are underscored.
There was a problem hiding this comment.
True. I'll change this for optReferrals too, which is in the ExtLdap-specific code.
| 'useStartTls' => false, | ||
| 'optReferrals' => false, | ||
| 'connection_string' => null, | ||
| 'encryption' => 'none', |
There was a problem hiding this comment.
What about 'secure' instead of encryption?
There was a problem hiding this comment.
encryption having a value of none, tls or ssl, I think something like array('secure' => 'ssl') would make it misleading, as we are only talking about encryption over the wire, not neither authentication or RBAC.
|
Thank you @csarrazi. |
…e Ldap options for connection (csarrazi) This PR was merged into the 3.1-dev branch. Discussion ---------- [Ldap] Added the possibility to configure all available Ldap options for connection | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #18448 | License | MIT | Doc PR | This PR lets a user configure [all documented Ldap options](http://php.net/manual/fr/function.ldap-get-option.php), as well as a few undocumented ones (back-ported from the [OpenLdap C library](http://linux.die.net/man/3/ldap_set_option), as well as the [Ldap client specification](https://www.ietf.org/proceedings/50/I-D/ldapext-ldap-c-api-05.txt)). Commits ------- a8bae31 Added the possibility to configure all Ldap options for connection
|
This change seems to have broken the 3.1 Ldap authentication. Using the documented service setup Always produces this error message:
There seems to be no way to successfully configure an Ldap service. |
|
@uvups Indeed. I'm providing a fix ASAP. (in the next 5 minutes) |
…razi) This PR was merged into the 3.1 branch. Discussion ---------- [Ldap] Fixed issue with legacy client initialisation | Q | A | ------------- | --- | Branch? | 3.1 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #18725 (comment) | License | MIT | Doc PR | Thanks @uvups for noticing this. Commits ------- 6804efe Fixed issue with legacy client initialization
This PR lets a user configure all documented Ldap options, as well as a few undocumented ones (back-ported from the OpenLdap C library, as well as the Ldap client specification).