我在后端API中使用的是最新版本的Lumen。我想连接到LDAP服务器以从中间件进行用户身份验证。到目前为止,从路由器到中间件再到控制器的流程都是可行的。我还已经在XAMPP 7.3.1(Windows 10,x64)中成功启用了LDAP。
但是,到LDAP Online演示服务器(https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/的连接失败...
这里是中间件的代码:
<?php
namespace App\Http\Middleware;
use Log;
use App\User;
use Firebase\JWT\JWT;
class ldapMiddleware {
public static function testLdap(){
Log::info("hello ldapMiddleware");
// check http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
// Active Directory server
$ldap_host = "ldap://ldap.forumsys.com:389";
// connect to active directory
$ldapconn = ldap_connect($ldap_host) or die("Could not connect to LDAP Server");
//user dn
$ldapadmin = "ou=mathematicians,dc=example,dc=com";
// Password
$ldappass = "password";
Log::info("ldap_connect returned " . $ldapconn);
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
if(ldap_bind($ldapconn, $ldapadmin, $ldappass)) {
Log::info("Bind successful!");
}else{
Log::info("Invalid user/pass or other errors!");
}
}
}
它来自一个小教程,我也检查了ldap_bind()的php文档,到目前为止,代码在我看来还不错。但这不起作用:(我想念什么?我需要配置流明吗?我在Lumen中找不到有关此操作的大量信息,因为google上的大多数结果都围绕着使用laravel库来实现LDAP身份验证。但是我没有使用laravel,所以这对我没有多大帮助^^
编辑:我按照“ uid = tesla,ou = scientists,dc = example,dc = com”的建议编辑了凭据但是我的日志文件中仍然出现这些错误:
[2019-12-16 08:05:14] local.INFO: hello ldapMiddleware
[2019-12-16 08:05:14] local.INFO: ldap_connect returned Resource id #162
[2019-12-16 08:05:16] local.ERROR: ErrorException: ldap_bind(): Unable to bind to server: Can't contact LDAP server in E:\aether-backend\app\Http\Middleware\ldapMiddleware.php:34
Stack trace:
#0 [internal function]: Laravel\Lumen\Application->Laravel\Lumen\Concerns\{closure}(2, 'ldap_bind(): Un...', 'E:\\aether-backe...', 34, Array)
#1 E:\aether-backend\app\Http\Middleware\ldapMiddleware.php(34): ldap_bind(Resource id #162, 'uid=tesla,ou=sc...', 'password')
#2 E:\aether-backend\app\Providers\AuthServiceProvider.php(33): App\Http\Middleware\ldapMiddleware::testLdap()
#3 [internal function]: App\Providers\AuthServiceProvider->App\Providers\{closure}(Object(Laravel\Lumen\Http\Request), NULL)
#4 E:\aether-backend\vendor\illuminate\auth\RequestGuard.php(58): call_user_func(Object(Closure), Object(Laravel\Lumen\Http\Request), NULL)
#5 E:\aether-backend\vendor\illuminate\auth\GuardHelpers.php(60): Illuminate\Auth\RequestGuard->user()
#6 E:\aether-backend\vendor\illuminate\auth\GuardHelpers.php(70): Illuminate\Auth\RequestGuard->check()
#7 E:\aether-backend\app\Http\Middleware\Authenticate.php(38): Illuminate\Auth\RequestGuard->guest()
#8 E:\aether-backend\vendor\illuminate\pipeline\Pipeline.php(171): App\Http\Middleware\Authenticate->handle(Object(Laravel\Lumen\Http\Request), Object(Closure))
#9 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Laravel\Lumen\Http\Request))
#10 E:\aether-backend\vendor\laravel\lumen-framework\src\Routing\Pipeline.php(32): call_user_func(Object(Closure), Object(Laravel\Lumen\Http\Request))
#11 E:\aether-backend\vendor\illuminate\pipeline\Pipeline.php(105): Laravel\Lumen\Routing\Pipeline->Laravel\Lumen\Routing\{closure}(Object(Laravel\Lumen\Http\Request))
#12 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(413): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#13 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(259): Laravel\Lumen\Application->sendThroughPipeline(Array, Object(Closure))
#14 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(165): Laravel\Lumen\Application->handleFoundRoute(Array)
#15 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(416): Laravel\Lumen\Application->Laravel\Lumen\Concerns\{closure}(Object(Laravel\Lumen\Http\Request))
#16 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(171): Laravel\Lumen\Application->sendThroughPipeline(Array, Object(Closure))
#17 E:\aether-backend\vendor\laravel\lumen-framework\src\Concerns\RoutesRequests.php(108): Laravel\Lumen\Application->dispatch(NULL)
#18 E:\aether-backend\public\index.php(28): Laravel\Lumen\Application->run()
#19 {main} {"exception":"[object] (ErrorException(code: 0): ldap_bind(): Unable to bind to server: Can't contact LDAP server at E:\\aether-backend\\app\\Http\\Middleware\\ldapMiddleware.php:34)
[stacktrace]
#0 [internal function]: Laravel\\Lumen\\Application->Laravel\\Lumen\\Concerns\\{closure}(2, 'ldap_bind(): Un...', 'E:\\\\aether-backe...', 34, Array)
#1 E:\\aether-backend\\app\\Http\\Middleware\\ldapMiddleware.php(34): ldap_bind(Resource id #162, 'uid=tesla,ou=sc...', 'password')
#2 E:\\aether-backend\\app\\Providers\\AuthServiceProvider.php(33): App\\Http\\Middleware\\ldapMiddleware::testLdap()
#3 [internal function]: App\\Providers\\AuthServiceProvider->App\\Providers\\{closure}(Object(Laravel\\Lumen\\Http\\Request), NULL)
#4 E:\\aether-backend\\vendor\\illuminate\\auth\\RequestGuard.php(58): call_user_func(Object(Closure), Object(Laravel\\Lumen\\Http\\Request), NULL)
#5 E:\\aether-backend\\vendor\\illuminate\\auth\\GuardHelpers.php(60): Illuminate\\Auth\\RequestGuard->user()
#6 E:\\aether-backend\\vendor\\illuminate\\auth\\GuardHelpers.php(70): Illuminate\\Auth\\RequestGuard->check()
#7 E:\\aether-backend\\app\\Http\\Middleware\\Authenticate.php(38): Illuminate\\Auth\\RequestGuard->guest()
#8 E:\\aether-backend\\vendor\\illuminate\\pipeline\\Pipeline.php(171): App\\Http\\Middleware\\Authenticate->handle(Object(Laravel\\Lumen\\Http\\Request), Object(Closure))
#9 [internal function]: Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Laravel\\Lumen\\Http\\Request))
#10 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Routing\\Pipeline.php(32): call_user_func(Object(Closure), Object(Laravel\\Lumen\\Http\\Request))
#11 E:\\aether-backend\\vendor\\illuminate\\pipeline\\Pipeline.php(105): Laravel\\Lumen\\Routing\\Pipeline->Laravel\\Lumen\\Routing\\{closure}(Object(Laravel\\Lumen\\Http\\Request))
#12 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(413): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#13 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(259): Laravel\\Lumen\\Application->sendThroughPipeline(Array, Object(Closure))
#14 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(165): Laravel\\Lumen\\Application->handleFoundRoute(Array)
#15 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(416): Laravel\\Lumen\\Application->Laravel\\Lumen\\Concerns\\{closure}(Object(Laravel\\Lumen\\Http\\Request))
#16 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(171): Laravel\\Lumen\\Application->sendThroughPipeline(Array, Object(Closure))
#17 E:\\aether-backend\\vendor\\laravel\\lumen-framework\\src\\Concerns\\RoutesRequests.php(108): Laravel\\Lumen\\Application->dispatch(NULL)
#18 E:\\aether-backend\\public\\index.php(28): Laravel\\Lumen\\Application->run()
#19 {main}
您缺少其中一个建议用户的rdn。
您还可以绑定到包括以下内容的单个用户(uid)或两个组(ou):
ou=mathematicians,dc=example,dc=com
- riemann
- 高斯
- 欧拉
- euclid
ou=scientists,dc=example,dc=com
- 爱因斯坦
- 牛顿
- galieleo
- 特斯拉
例如,如果要绑定为Leonhard Euler,则绑定dn为:
uid=euler,ou=mathematicians,dc=example,dc=com
绑定为尼古拉·特斯拉:
uid=tesla,ou=scientists,dc=example,dc=com