使用Laravel4进行LDAP身份验证 - LDAP Authentication with Laravel4

请帮助我使用Laravel4进行LDAP身份验证。

我下面的配置总是返回错误的

我的auth.php如下所示：

<?php
return array(
/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This driver manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/
//'driver' => 'eloquent',
'driver' => 'ldap',
/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
'username_field' => 'username',
'model' => 'User',
/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/
'table' => 'users',
/*
|--------------------------------------------------------------------------
| Password Reminder Settings
|--------------------------------------------------------------------------
|
| Here you may set the settings for password reminders, including a view
| that should be used as your password reminder e-mail. You will also
| be able to set the name of the table that holds the reset tokens.
|
| The "expire" time is the number of minutes that the reminder should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'reminder' => array(
    'email' => 'emails.auth.reminder',
    'table' => 'password_reminders',
    'expire' => 60,
),
);

和我的app/config/adddap.php类似：

<?php
return array(
    'account_suffix' => "@pusat.corp.pln.co.id",
'domain_controllers' => array("dc01.pusat.corp.pln.co.id","pusat.corp.pln.co.id"), // An array of domains may be provided for load balancing.
'base_dn' => 'DC=pusat','DC=corp','DC=pln','DC=co','DC=id',

'real_primary_group' => true, // Returns the primary group (an educated guess).
'use_ssl' => false, // If TLS is true this MUST be false.
'use_tls' => false, // If SSL is true this MUST be false.
    'recursive_groups' => true,
);

在routes.php中

Route::post('login', function () {
    $passhash = Input::get('password');
    $credentials  = array(
        'username' => Input::get('username'),
        'password' => Input::get('password')
    );

    if ($a = Auth::attempt($credentials))
        return '<pre>' . print_r(Auth::user(), true);
    else
        dd($a);
});

Laravel 4的核心没有内置LDAP身份验证。因此，这是一种快速而肮脏的方式将其添加到您的应用程序中。它使用内部LDAP PHP函数，因此您需要安装php5-ldap包：

app/conf/auth.php的配置：

'ldap_tree'   => 'OU=anything,DC=domain,DC=com',
'ldap_server' => 'your.ldap.server.com',

这是一个供控制器使用的LDAP类：

class LDAP {
    public static function authenticate($username, $password)
    {
        if(empty($username) or empty($password))
        {
            Log::error('Error binding to LDAP: username or password empty');
            return false;
        }
        $ldapRdn = static::getLdapRdn($username);
        $ldapconn = ldap_connect( Config::get('auth.ldap_server') ) or die("Could not connect to LDAP server.");
        $result = false;
        if ($ldapconn) 
        {
            $ldapbind = @ldap_bind($ldapconn, $ldapRdn, $password);
            if ($ldapbind) 
            {
                $result = true;
            } else {
                Log::error('Error binding to LDAP server.');
            }
            ldap_unbind($ldapconn);
        } else {
            Log::error('Error connecting to LDAP.');
        }
        return $result;
    }
    public static function getLdapRdn($username)
    {
        return str_replace('[username]', $username, 'CN=[username],' . Config::get('auth.ldap_tree'));
    }
}

和一个AuthController来处理您的应用程序上的登录：

class AuthController extends Controller {
    public function __construct(LDAP $ldap)
    {
        $this->ldap = $ldap;
    }
    public function login()
    {
        if ( $this->ldap->authenticate( Input::get('email'), Input::get('password') ) )
        {
            $user = User::where('email', Input::get('email'))->first();
            Auth::login( $user );
            return Redirect::to('home');
        }
        return Redirect::refresh()->with('error', 'User and/or password are incorrect.');
    }
    public function logout()
    {
        if ( ! Auth::guest())
        {
            Auth::logout();
            return Redirect::to('message')
                    ->with('message', 'You just logged out.');                  
        }
        return Redirect::to('login');   
    }
}

请注意，此控制器对LDAP类使用依赖注入，它将由Laravel自动注入。