PHPackages                             radebatz/ldap-auth-service-provider - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. radebatz/ldap-auth-service-provider

AbandonedArchivedLibrary[Authentication &amp; Authorization](/categories/authentication)

radebatz/ldap-auth-service-provider
===================================

Silex Ldap authentication service provider.

v1.3.0(9y ago)519.4k2[3 issues](https://github.com/DerManoMann/ldap-auth-service-provider/issues)MITPHPPHP &gt;=5.5.9

Since May 30Pushed 9y ago1 watchersCompare

[ Source](https://github.com/DerManoMann/ldap-auth-service-provider)[ Packagist](https://packagist.org/packages/radebatz/ldap-auth-service-provider)[ Docs](http://radebatz.net/mano/)[ RSS](/packages/radebatz-ldap-auth-service-provider/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (6)Dependencies (8)Versions (7)Used By (0)

A Silex Ldap authentication service provider
============================================

[](#a-silex-ldap-authentication-service-provider)

[![Build Status](https://camo.githubusercontent.com/98a33baea97439fc379ac641597cc958cc390ea95bf5ca63ec932b357e932441/68747470733a2f2f7472617669732d63692e6f72672f4465724d616e6f4d616e6e2f6c6461702d617574682d736572766963652d70726f76696465722e706e67)](https://travis-ci.org/DerManoMann/ldap-auth-service-provider)[![Coverage Status](https://camo.githubusercontent.com/f62793d3851a6923ddde1dee3dc07145295f0f78f9fe98c4b7ec203cff1da3c8/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f4465724d616e6f4d616e6e2f6c6461702d617574682d736572766963652d70726f76696465722f62616467652e706e67)](https://coveralls.io/r/DerManoMann/ldap-auth-service-provider)

This service provider provides Ldap based authentication and authorization.

Basic Usage
-----------

[](#basic-usage)

- Form based authentication
- roles are mapped based on the user being in the specified LDAP group(s).
- The LDAP sn attribute is mapped to the userName property of the user object created

```
    // register service with name LDAP-FORM
    $app->register(new LdapAuthenticationServiceProvider('LDAP-FORM'), array(
        'security.ldap.LDAP-FORM.options' => array(
            'auth' => array(
                'entryPoint' => 'form',
            ),
            'ldap' => array(
                'host' => 'localhost',
                'username' => 'username-for-initial-bind',
                'password' => 'xxx',
            ),
        )
    ));

    // configure firewalls
    $app->register(new SecurityServiceProvider(), array(
        'security.firewalls' => array(
            'login' => array(
                'pattern' => '^/login$',
            ),
            'default' => array(
                'pattern' => '^.*$',
                'anonymous' => true,
                'LDAP-FORM' => array(
                    // form options
                    'check_path' => '/login_check_ldap',
                    'require_previous_session' => false,
                ),
                'users' => function () use ($app) {
                    // use the pre-configured Ldap user provider
                    return $app['security.ldap.LDAP-FORM.user_provider'](array(
                        // configure LDAP attribute to use for auth bind call (dn is the default)
                        'authName' => 'dn',
                        'attr' => array(
                            // LDAP attribute => user property
                            // these require setter support in the user class
                            'sn' => 'lastName',
                        ),
                        'roles' => array(
                            'CN=Development,OU=Groups,DC=radebatz,DC=net'   => 'ROLE_USER',
                            'CN=Admins,OU=Groups,DC=radebatz,DC=net'        => 'ROLE_ADMIN',
                        ),
                        'baseDn' => 'DC=radebatz,DC=net',
                    ));
                },
            ),
        )
    ));

```

Installation
------------

[](#installation)

The recommended way to install ldap-auth-service-provider is [through composer](http://getcomposer.org).

Install the latest version with:

```
$ composer require radebatz/ldap-auth-service-provider

```

### Configuring Ldap

[](#configuring-ldap)

The Ldap related code depends on [`zend-ldap`](https://github.com/zendframework/zend-ldap), so all configuration options are just passed through. For more details check the [`zend-ldap docs`](http://framework.zend.com/manual/current/en/index.html#zend-ldap).

The default username value used to autheticate (bind) a user is the LDAP dn attribute (there is a default mapping `'dn' => 'authName'`). To change this or allow an alternative fallback attribute, the following attribute mapping could have been used in the example above:

```
    'attr' => array(
        // LDAP attribute => user property
        'sn' => 'lastName',
    ),

```

NOTE: The property 'authName' of the loaded user object is used for the bind when validating the user credentials (password). As a default the LDAP 'dn' attribute is mapped to the authName property of the user.

In addition the provider allows to configure a list of hosts to try. If none in the list can't be connected, the regularly configured host is used as last resort.

Example:

```
ldap:
  ldap:
    hosts:
      - ldap1
      - ldap2
    host: localhost

```

In this case the code will try to connect in the order: ldap1, ldap2, localhost.

### Custom user class

[](#custom-user-class)

The LdapUserProvider class allows to configure a custom User class to be used. Only restriction is that the custom class has a constructor that is compatible with the default class `Symfony\\Component\\Security\\Core\\User\\User`.

Requirements
------------

[](#requirements)

- Silex 2.0
- PHP 5.5

License
-------

[](#license)

All code is licensed under the MIT license.

Changelog
---------

[](#changelog)

Issues that break backwards compatibility are flagged \[BC\].

### v1.0.0

[](#v100)

- Initial release

### v1.1.0

[](#v110)

- Move options into security.ldap.\[serviceName\] namespace
- Add preconfigured user provider

### v1.2.0

[](#v120)

- Add Silex 1.3 support
- bug fixes

### v1.2.1

[](#v121)

- Add hosts option to allow a list of fallback servers

### v1.2.2

[](#v122)

- Fix LdapException handling
- Add Psr\\Log dependency
- \[BC\] Make the logger an optional second constructor argument instead of taking it from $app

### v1.3.0

[](#v130)

- Use users DN as name when trying to bind user \[#15\]
    - add new authName mapping to allow to control what LDAP attribute to use to bind when authentication (defaults to DN)
    - Fix merging of LdapUserProvider defaults
    - Check for values array when mapping LDAP data to user instance
    - \[BC\] Custom user classes *must* either support magic get/set methods or at least implement `getAuthName()`, `setAuthName($authName)`

###  Health Score

30

—

LowBetter than 64% of packages

Maintenance8

Infrequent updates — may be unmaintained

Popularity26

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity62

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~97 days

Recently: every ~120 days

Total

6

Last Release

3518d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/58fc8faf924fe63e767e726dd23888bda8c2b42b4b28c33243bcfa31078318c7?d=identicon)[DerManoMann](/maintainers/DerManoMann)

---

Top Contributors

[![DerManoMann](https://avatars.githubusercontent.com/u/47783?v=4)](https://github.com/DerManoMann "DerManoMann (50 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/radebatz-ldap-auth-service-provider/health.svg)

```
[![Health](https://phpackages.com/badges/radebatz-ldap-auth-service-provider/health.svg)](https://phpackages.com/packages/radebatz-ldap-auth-service-provider)
```

###  Alternatives

[simplesamlphp/simplesamlphp

A PHP implementation of a SAML 2.0 service provider and identity provider.

1.1k12.4M193](/packages/simplesamlphp-simplesamlphp)[simplesamlphp/saml2

SAML2 PHP library from SimpleSAMLphp

30317.2M40](/packages/simplesamlphp-saml2)[web-auth/webauthn-lib

FIDO2/Webauthn Support For PHP

1225.3M72](/packages/web-auth-webauthn-lib)[davec49/silex2-simpleuser

A simple database-backed user provider for Silex 2.0, with associated services and controllers forked from jasongrimes/SimpleUser.

131.1k](/packages/davec49-silex2-simpleuser)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)