Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- services:
- app.ldap:
- class: SymfonyComponentLdapLdapClient
- arguments: ["ldaps://ldap.uni-rostock.de"]
- app.db_user_provider:
- class: AppBundleSecurityDbUserProvider
- arguments: ["@doctrine.orm.entity_manager"]
- security:
- role_hierarchy:
- ROLE_ADMIN: ROLE_USER
- ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
- providers:
- chain_provider:
- chain:
- providers: [db_user, app_users]
- in_memory:
- memory:
- users:
- admin: { password: adminpass, roles: 'ROLE_ADMIN' }
- app_users:
- ldap:
- service: app.ldap
- base_dn: ou=people,o=uni-rostock,c=de
- search_dn: uid=testuser,ou=people,o=uni-rostock,c=de
- search_password: testpass
- filter: (uid={username})
- default_roles: ROLE_USER
- db_user:
- id: app.db_user_provider
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- admin:
- anonymous: true
- pattern: ^/
- form_login_ldap:
- provider: chain_provider
- service: app.ldap
- dn_string: "uid={username},ou=people,o=uni-rostock,c=de"
- check_path: /login_check
- login_path: /login
- form_login:
- provider: in_memory
- check_path: /login_check
- login_path: /login
- logout:
- path: /logout
- target: /
- access_control:
- - { path: ^/admin, roles: ROLE_USER }
- encoders:
- SymfonyComponentSecurityCoreUserUser: plaintext
- AppBundleEntityEmployee: bcrypt
- namespace AppBundleEntity;
- use SymfonyComponentSecurityCoreUserUserInterface;
- use SymfonyComponentSecurityCoreUserEquatableInterface;
- use DoctrineORMMapping as ORM;
- class Employee implements UserInterface, EquatableInterface
- {
- // other properties
- private $username;
- // getters and setters for the other properties
- public function getUsername()
- {
- return $this->username;
- }
- public function getRoles()
- {
- return array('ROLE_USER');
- }
- public function getPassword()
- {
- return null;
- }
- public function getSalt()
- {
- return null;
- }
- public function eraseCredentials()
- {
- }
- public function isEqualTo(UserInterface $user)
- {
- if (!$user instanceof Employee) {
- return false;
- }
- if ($this->username !== $user->getUsername()) {
- return false;
- }
- return true;
- }
- }
- <?php
- namespace AppBundleSecurity;
- use SymfonyComponentSecurityCoreUserUserProviderInterface;
- use SymfonyComponentSecurityCoreUserUserInterface;
- use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;
- use SymfonyComponentSecurityCoreExceptionUnsupportedUserException;
- use DoctrineORMEntityManager;
- use AppBundleEntityEmployee;
- class DbUserProvider implements UserProviderInterface
- {
- private $em;
- public function __construct(EntityManager $em)
- {
- $this->em = $em;
- }
- public function loadUserByUsername($username)
- {
- $repository = $this->em->getRepository('AppBundle:Employee');
- $user = $repository->findOneByUsername($username);
- if ($user) {
- return new Employee();
- }
- throw new UsernameNotFoundException(
- sprintf('Username "%s" does not exist.', $username)
- );
- }
- public function refreshUser(UserInterface $user)
- {
- if (!$user instanceof Employee) {
- throw new UnsupportedUserException(
- sprintf('Instances of "%s" are not supported.', get_class($user))
- );
- }
- return $this->loadUserByUsername($user->getUsername());
- }
- public function supportsClass($class)
- {
- return $class === 'AppBundleEntityEmployee';
- }
- }
- chain_provider:
- chain:
- providers: [app_users, db_user]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement