Skip to content

[Security] Ability to add roles in form_login_ldap by ldap group #51225

New issue
New issue
Closed
#52181
Closed
[Security] Ability to add roles in form_login_ldap by ldap group#51225
#52181
Labels
FeatureSecurity
@RTUnreal

Description

@RTUnreal
RTUnreal
opened on Aug 2, 2023

Description

When a user logs in with a ldap dn, we need the ability to add roles by groups the user is a member of.

Example

security:
  providers:
    some_ldap:
      ldap:
        service: Symfony\Component\Ldap\Ldap
        base_dn: cn=Users,dc=example,dc=com
        search_dn: "cn=MyService,ou=Services,dc=example,dc=com"
        search_password: '%env(resolve:LDAP_PW)%'
        default_roles: ROLE_USER
        roles:
          'CN=Administrators,CN=Builtin,DC=example,DC=com': ROLE_ADMIN
        extra_fields: ['mail']

Which would result in a user with the a CN=Administrators,CN=Builtin,DC=example,DC=com membership to be assigned the ROLE_ADMIN role.

Metadata

Metadata

Assignees

No one assigned

    Labels

    FeatureSecurity

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      pFad - Phonifier reborn

      Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

      Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy