PHPackages opensky/ldap-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. opensky/ldap-bundle ActiveSymfony-bundle[Security](/categories/security) opensky/ldap-bundle =================== Integrates LDAP v1.0.0(8y ago)553510[6 issues](https://github.com/opensky/LdapBundle/issues)[5 PRs](https://github.com/opensky/LdapBundle/pulls)MITPHPPHP >=7.0 Since Nov 5Pushed 5y ago15 watchersCompare [ Source](https://github.com/opensky/LdapBundle)[ Packagist](https://packagist.org/packages/opensky/ldap-bundle)[ Docs](https://github.com/opensky/LdapBundle)[ RSS](/packages/opensky-ldap-bundle/feed)WikiDiscussions master Synced 3w ago READMEChangelogDependencies (5)Versions (10)Used By (0) LdapBundle ========== [](#ldapbundle) This bundle implements an LDAP-based UserProvider for Symfony2's Security component. When used in conjunction with Symfony2's HTTP basic authentication listener, this bundle can verify usernames against an LDAP server and populate roles based on groups to which the LDAP user belongs. Installation ------------ [](#installation) ### Dependencies [](#dependencies) This bundle depends on the [Zend Framework 2](https://github.com/zendframework/zf2)LDAP client. If you don't already have the ZF2 codebase available in the vendor path of your Symfony2 application, you may be interested in using [git-subtree](https://github.com/apenwarr/git-subtree)to pull in the LDAP client by itself. Instructions for this process are documented in [this thread](https://groups.google.com/d/msg/symfony-devs/N-uIGhEWgs8/CrFmiLFYQbEJ)from the symfony-devs mailing list. ### Submodule Creation [](#submodule-creation) Add LdapBundle to your `src/` directory: ``` $ git submodule add https://github.com/opensky/LdapBundle.git vendor/bundles/OpenSky/Bundle/LdapBundle ``` ### Class Autoloading [](#class-autoloading) If the `src/` directory is already configured in your project's `autoload.php`via `registerNamespaceFallback()`, no changes should be necessary. Otherwise, either define the fallback directory or explicitly add the "OpenSky" namespace: ``` # app/autoload.php $loader->registerNamespaces(array( 'OpenSky' => __DIR__.'/../vendor/bundles', )); ``` Additionally, ensure that the "Zend" namespace is also configured for autoloading. ### Application Kernel [](#application-kernel) Add LdapBundle to the `registerBundles()` method of your application kernel: ``` public function registerBundles() { return array( new OpenSky\Bundle\LdapBundle\OpenSkyLdapBundle(), ); } ``` Configuration ------------- [](#configuration) ### LdapBundle Extension [](#ldapbundle-extension) The LDAP UserProvider may be configured with the following: ``` # app/config/config.yml opensky_ldap: client: host: ldap.example.com user_base_dn: ou=Users,dc=example,dc=com user_filter: (objectClass=employee) username_attribute: uid role_base_dn: ou=Groups,dc=example,dc=com role_filter: (objectClass=role) role_name_attribute: cn role_user_attribute: memberuid security: role_prefix: ROLE_LDAP_ default_roles: [ROLE_ADMIN, ROLE_LDAP] ``` These settings are explained below: - `client`: array of options for the ZF2 LDAP client. Any options may be specified, although host is likely a minimum requirement. - `user_base_dn`: base DN when searching for users is LDAP. - `user_filter`: filter to apply when searching for users in LDAP. - `username_attribute`: user entry attribute to use as a username. - `role_base_dn`: base DN when searching for roles in LDAP. - `role_filter`: filter to apply when searching for roles in LDAP. - `role_name_attribute`: role entry attribute to use as the role name. - `role_user_attribute`: role entry attribute to use for inferring user relationships. Its value should be a set of user identifiers, which correspond to `usernameAttribute` values of user entries. - `security.role_prefix`: prefix to apply when transforming role names from LDAP entries into security roles. See: *Deriving Symfony2 Roles from LDAP Groups* - `security.default_roles`: array of default roles to be assigned to all LDAP users, before roles are inferred from user/role entry relationships. See also: - [Zend\_Ldap config documentation](http://framework.zend.com/manual/en/zend.ldap.api.html) ### Security Component [](#security-component) This bundle is currently intended to be used alongside Apache's mod\_auth\_ldap. As such, it must be configured to operate with a PreAuthenticatedAuthenticationProvider. A pre-auth provider for HTTP basic authentication is included, and may be configured as follows: ``` # app/config/security.yml security.config: providers: ldap: id: opensky_ldap.user_provider firewalls: backend: provider: ldap pattern: /admin(/.*)? http_basic_pre_auth: true stateless: true factories: - %kernel.root_dir%/../vendor/bundles/OpenSky/Bundle/LdapBundle/Resources/config/security_factories.xml ``` Note: a future enhancement for this bundle will be a UserAuthenticationProvider to allow for authentication against an LDAP server, which will remove the need to use mod\_auth\_ldap for pre-authentication. See also: - [mod\_auth\_ldap documentation](http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html) The LdapUser Object ------------------- [](#the-ldapuser-object) Users provided by the LDAP UserProvider will be instances of LdapUser, which is a lightweight implementation of Symfony2's UserInterface. This user object stores only a username and array of roles. Deriving Symfony2 Roles from LDAP Groups ---------------------------------------- [](#deriving-symfony2-roles-from-ldap-groups) LdapBundle will attempt to create Symfony2 security roles based on an attribute from the group entry. By default, the group's common name ("cn") will be used. In general, a group's name will be slugified (using an underscore), uppercased and prefixed with a configurable string ("ROLE\_LDAP\_" by default). For example, if your user exists within the LDAP group named "Admin", the provided LdapUser object will have the "ROLE\_LDAP\_ADMIN" role. The full implementation can be found within the LdapUserProvider class. ### Health Score 34 — LowBetter than 75% of packages Maintenance18 Infrequent updates — may be unmaintained Popularity22 Limited adoption so far Community22 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 53.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~618 days Total 4 Last Release 3128d ago Major Versions v0.0.1 → v1.0.02017-11-29 PHP version history (2 changes)v0.0.1PHP >=5.3.0 v1.0.0PHP >=7.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/604334?v=4)[Mikhail Shtukin](/maintainers/Shtumi)[@shtumi](https://github.com/shtumi) --- Top Contributors [![jmikola](https://avatars.githubusercontent.com/u/244663?v=4)](https://github.com/jmikola "jmikola (25 commits)")[![kriswallsmith](https://avatars.githubusercontent.com/u/33886?v=4)](https://github.com/kriswallsmith "kriswallsmith (8 commits)")[![stof](https://avatars.githubusercontent.com/u/439401?v=4)](https://github.com/stof "stof (5 commits)")[![jsuggs](https://avatars.githubusercontent.com/u/95949?v=4)](https://github.com/jsuggs "jsuggs (2 commits)")[![avalanche123](https://avatars.githubusercontent.com/u/83289?v=4)](https://github.com/avalanche123 "avalanche123 (2 commits)")[![jwage](https://avatars.githubusercontent.com/u/97422?v=4)](https://github.com/jwage "jwage (2 commits)")[![greg0ire](https://avatars.githubusercontent.com/u/657779?v=4)](https://github.com/greg0ire "greg0ire (1 commits)")[![llsousa](https://avatars.githubusercontent.com/u/180369?v=4)](https://github.com/llsousa "llsousa (1 commits)")[![bobthecow](https://avatars.githubusercontent.com/u/53660?v=4)](https://github.com/bobthecow "bobthecow (1 commits)") --- Tags securityldap ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/opensky-ldap-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/opensky-ldap-bundle/health.svg)](https://phpackages.com/packages/opensky-ldap-bundle) ``` ### Alternatives [easycorp/easyadmin-bundle Admin generator for Symfony applications 4.3k17.5M378](/packages/easycorp-easyadmin-bundle)[rcsofttech/audit-trail-bundle Enterprise-grade, high-performance Symfony audit trail bundle. Automatically track Doctrine entity changes with split-phase architecture, multiple transports (HTTP, Queue, Doctrine), and sensitive data masking. 1175.2k](/packages/rcsofttech-audit-trail-bundle)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.4M196](/packages/sulu-sulu)[web-auth/webauthn-framework FIDO2/Webauthn library for PHP and Symfony Bundle. 51390.8k3](/packages/web-auth-webauthn-framework)[web-auth/webauthn-symfony-bundle FIDO2/Webauthn Security Bundle For Symfony 65474.5k9](/packages/web-auth-webauthn-symfony-bundle)[2lenet/crudit-bundle The easy like Crud'it Bundle. 1615.6k12](/packages/2lenet-crudit-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)