1. <tfoot id='qgam6'></tfoot>
        <bdo id='qgam6'></bdo><ul id='qgam6'></ul>

        <i id='qgam6'><tr id='qgam6'><dt id='qgam6'><q id='qgam6'><span id='qgam6'><b id='qgam6'><form id='qgam6'><ins id='qgam6'></ins><ul id='qgam6'></ul><sub id='qgam6'></sub></form><legend id='qgam6'></legend><bdo id='qgam6'><pre id='qgam6'><center id='qgam6'></center></pre></bdo></b><th id='qgam6'></th></span></q></dt></tr></i><div id='qgam6'><tfoot id='qgam6'></tfoot><dl id='qgam6'><fieldset id='qgam6'></fieldset></dl></div>
        <legend id='qgam6'><style id='qgam6'><dir id='qgam6'><q id='qgam6'></q></dir></style></legend>
      1. <small id='qgam6'></small><noframes id='qgam6'>

        CakePHP (LDAP) 中的替代身份验证源

        Alternative authentication sources in CakePHP (LDAP)(CakePHP (LDAP) 中的替代身份验证源)

            <i id='Km5dW'><tr id='Km5dW'><dt id='Km5dW'><q id='Km5dW'><span id='Km5dW'><b id='Km5dW'><form id='Km5dW'><ins id='Km5dW'></ins><ul id='Km5dW'></ul><sub id='Km5dW'></sub></form><legend id='Km5dW'></legend><bdo id='Km5dW'><pre id='Km5dW'><center id='Km5dW'></center></pre></bdo></b><th id='Km5dW'></th></span></q></dt></tr></i><div id='Km5dW'><tfoot id='Km5dW'></tfoot><dl id='Km5dW'><fieldset id='Km5dW'></fieldset></dl></div>
              <bdo id='Km5dW'></bdo><ul id='Km5dW'></ul>
              <tfoot id='Km5dW'></tfoot>

              1. <legend id='Km5dW'><style id='Km5dW'><dir id='Km5dW'><q id='Km5dW'></q></dir></style></legend>
              2. <small id='Km5dW'></small><noframes id='Km5dW'>

                    <tbody id='Km5dW'></tbody>
                  本文介绍了CakePHP (LDAP) 中的替代身份验证源的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我正在开发一个 CakePHP 项目,目前正在构建它的用户身份验证部分.问题是我的身份验证信息(即:密码)没有存储在我的数据库中——身份验证源是 LDAP,但我的问题同样适用于任何非数据库源.

                  I'm working on a CakePHP project and am currently building the user authentication part of it. The problem is that my authentication information (ie: the passwords) are not stored in my database -- the authentication source is LDAP but my question applies equally to any non-database source.

                  Cake 似乎只处理本地数据库中存在的密码.蛋糕食谱建议你可以告诉它一个不同的控制器/模型/对象通过使用 $this->Auth->authorize 变量提供授权过程,但是查看代码(特别是 Auth::startup() 函数)它看起来像 Cake 总是会尝试首先查询数据库,检查匹配的用户名/密码,然后再查看您使用 Auth->authorize 指定的替代对象.即修改authorize只是增加了二级过滤器,并没有替代数据库查找.

                  It appears as though Cake only handles passwords when they exist in the local database. The Cake Cookbook suggests that you can tell it a different controller/model/object to provide an authorization procedure by using the $this->Auth->authorize variable, however looking at the code (specifically the Auth::startup() function) it looks like Cake will always try to query the database first, checking for a matching username/password, before then looking at the alternative object you specified with Auth->authorize. That is, changing authorize only adds a second-level filter, it doesn't replace the database lookup.

                  // The process
                  1. User provides details
                  2. Cake checks the database
                  3. If OK, then check the custom object method
                  4. If OK, return true
                  
                  // What I'd like:
                  1. User provides details.
                  2. Check the custom object method
                  3. If OK, return true
                  4. Profit.
                  

                  关于如何做到这一点的任何想法,希望不会破解核心文件?

                  Any ideas on how to do this, hopefully without hacking the core files?

                  推荐答案

                  假设您只是绑定 LDAP 并从 MySQL 存储/检索用户数据,这种方法将作为一个桥梁",它会自动创建成功的帐户登录:

                  Assuming you are simply binding against LDAP and are storing/retrieving User data from MySQL, this approach will work as a "bridge" which will automatically create accounts for successful logins:

                  // app/controllers/components/ldap_auth.php
                  <?php
                  App::import('Component', 'Auth');
                  class LdapAuthComponent extends AuthComponent {
                  /**
                   * Don't hash passwords
                   */
                      function hashPasswords($data){
                          return $data;
                      }
                  /**
                   * We will initially identify the user
                   */
                      function identify($user=null, $conditions=null) {
                          // bind credentials against ldap
                          $ldapUser = $this->_ldapAuth($user); // do your stuff
                          if (!$ldapUser) {
                              return null; // if bind fails, then return null (as stated in api)
                          }
                          // get the cake model you would normally be authenticating against
                          $model =& $this->getModel(); // default is User
                          // check for existing User in mysql
                          $user = $model->find('first', array('conditions' => array(
                              'username' => $ldapUser['cn']
                          ));
                          // if no existing User, create a new User
                          if (!$user) {
                              $user = $model->save(array('User' => array(
                                  'username' => $ldapUser['cn'],
                                  // .. map needed ldap fields to mysql fields ..
                              )));
                              if (!$user) {
                                  $this->cakeError('ldapCreateUser');
                              }
                              // pass the id of the newly created User to Auth's identify
                              return parent::identify($model->id, $conditions);
                          }
                          // pass the id of the existing User to Auth's identify
                          return parent::identify($user[$this->userModel][$model->primaryKey], $conditions);
                      }
                  /**
                   * Lets check LDAP
                   *
                   * @return mixed Array of user data from ldap, or false if bind fails
                   */
                      function _ldapAuth($user) {
                          $username = $user[$this->userModel][$this->fields['username']];
                          $password = $user[$this->userModel][$this->fields['password']];
                          // use the php ldap functions here
                          return $ldapUser;
                      }
                  }
                  ?>
                  

                  要使用,请将您的应用程序中对 Auth 的所有引用替换为 LdapAuth 或遵循 这里的说明.

                  To use, replace all references to Auth with LdapAuth in your application or follow the instructions here.

                  请注意,尽管受保护的 _ldapAuth() 方法可以抽象为 LdapUser 模型,并且该模型应该LdapSource 读取,LDAP 服务器连接设置应该database.php 配置中,LdapAuthComponent 应该适应使用可配置的字段映射,这些不是完成它"的要求.:)

                  Note that although the protected _ldapAuth() method could be abstracted out to an LdapUser model, and that model should read from an LdapSource, and the LDAP server connection settings should be in the database.php config, and the LdapAuthComponent should be adapted to use configurable field mappings, these aren't requirements to "just get it done". :)

                  这篇关于CakePHP (LDAP) 中的替代身份验证源的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

                  相关文档推荐

                  mediatemple - can#39;t send email using codeigniter(mediatemple - 无法使用 codeigniter 发送电子邮件)
                  Laravel Gmail Configuration Error(Laravel Gmail 配置错误)
                  Problem with using PHPMailer for SMTP(将 PHPMailer 用于 SMTP 的问题)
                  Issue on how to setup SMTP using PHPMailer in GoDaddy server(关于如何在 GoDaddy 服务器中使用 PHPMailer 设置 SMTP 的问题)
                  smtp gmail server php mailer not working(smtp gmail服务器php邮件程序不工作)
                  Email goes in spam when I send it via others SMTP server(当我通过其他 SMTP 服务器发送电子邮件时,电子邮件进入垃圾邮件)
                        <tfoot id='G49VZ'></tfoot><legend id='G49VZ'><style id='G49VZ'><dir id='G49VZ'><q id='G49VZ'></q></dir></style></legend>

                          <i id='G49VZ'><tr id='G49VZ'><dt id='G49VZ'><q id='G49VZ'><span id='G49VZ'><b id='G49VZ'><form id='G49VZ'><ins id='G49VZ'></ins><ul id='G49VZ'></ul><sub id='G49VZ'></sub></form><legend id='G49VZ'></legend><bdo id='G49VZ'><pre id='G49VZ'><center id='G49VZ'></center></pre></bdo></b><th id='G49VZ'></th></span></q></dt></tr></i><div id='G49VZ'><tfoot id='G49VZ'></tfoot><dl id='G49VZ'><fieldset id='G49VZ'></fieldset></dl></div>

                          <small id='G49VZ'></small><noframes id='G49VZ'>

                            <tbody id='G49VZ'></tbody>

                            <bdo id='G49VZ'></bdo><ul id='G49VZ'></ul>