PHPackages unholyknight/active-directory-authenticate - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. unholyknight/active-directory-authenticate ActiveCakephp-plugin[Authentication & Authorization](/categories/authentication) unholyknight/active-directory-authenticate ========================================== CakePHP plugin for Active Directory authentication over LDAP. 39096[1 PRs](https://github.com/unholyknight/active-directory-authenticate/pulls)PHP Since Nov 27Pushed 7y ago3 watchersCompare [ Source](https://github.com/unholyknight/active-directory-authenticate)[ Packagist](https://packagist.org/packages/unholyknight/active-directory-authenticate)[ RSS](/packages/unholyknight-active-directory-authenticate/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) Active Directory Authentication for [CakePHP 3](https://cakephp.org/) ===================================================================== [](#active-directory-authentication-for-cakephp-3) Extends CakePHP's built-in authentication types to offer form authentication for Active Directory users over LDAP using [Adldap2](https://github.com/Adldap2/Adldap2/). Installing With Composer ------------------------ [](#installing-with-composer) Install Active Directory Authentication by adding the following to your `composer.json` file: ``` "require": { "unholyknight/active-directory-authenticate": "master" } ``` Run composer's update command to download the plugin. Loading Into A CakePHP Application ---------------------------------- [](#loading-into-a-cakephp-application) After installing with Composer, load the plugin: ``` // add to config/bootstrap.php Plugin::load('ActiveDirectoryAuthenticate'); ``` Adding Active Directory Authentication -------------------------------------- [](#adding-active-directory-authentication) Authentication is handled similarly to Cake's native **FormAuthenticate**. This includes FormAuthenticate's core configuration options as well as some expanded options for Active Directory connectivity and queried data. To add the Active Directory authentication component to your application open your **src/Controller/AppController.php** file and add the following lines in the **initialize()** function. Extended options are further described below. For more information on CakePHP's core FormAuthenticate and associated options see the [Cookbook's authentication example](http://book.cakephp.org/3.0/en/tutorials-and-examples/blog-auth-example/auth.html). ``` public function initialize() { //... $this->loadComponent('Auth', [ 'authenticate' => [ 'ActiveDirectoryAuthenticate.Adldap' => [ 'config' => [ 'account_suffix' => '@corp.acme.org', 'base_dn' => 'dc=corp,dc=acme,dc=org', 'domain_controllers' => ['ACME-DC01.corp.acme.org'] ] ] ] ]); //... } ``` Configuration Options --------------------- [](#configuration-options) ### 'config' [](#config) The config key must contain an array which describes your environment so that a connection can be made. In many cases this only needs to include the account suffix, domain controllers and base dn. ``` 'config' => [ 'account_suffix' => '@corp.acme.org', 'base_dn' => 'dc=corp,dc=acme,dc=org', 'domain_controllers' => ['ACME-DC01.corp.acme.org'] ] ``` Expanded options include support for ssl, tls and non-standard ports. See the full list of available options on [Adldap2's configuration docs](https://github.com/Adldap2/Adldap2/blob/master/docs/configuration.md). ### 'select' [](#select) The select key can either be an array of attributes to return or null (defaults to null). These attributes will depend on the LDAP attributes available from your Active Directory environment. If set to null then all available information will be returned for the user. ``` 'select' => [ 'displayName', 'samaccountname', 'telephonenumber', 'mail' ] ``` [Microsoft's Active Directory Schema Documentation](https://msdn.microsoft.com/en-us/library/ms675090(v=vs.85).aspx) is a good resource for referencing available LDAP attributes, but these may vary depending on your Active Directory environment. ### 'ignored' [](#ignored) The ignored key is an array of keys for which you do not want data returned. By default the ignored array contains 'distinguishedname', 'dn', 'objectcategory' and 'objectclass' in order to clean up the data that is returned to the Auth component. Set ignored to null or a blank array if you would like to retrieve all keys. ``` 'ignored' => [ 'distinguishedname', 'dn', 'objectcategory', 'objectclass' ] ``` Group Membership Handling ------------------------- [](#group-membership-handling) The authenticated user's groups are always retrieved and returned in the memberof and groups keys. memberof contains an array of the user's Active Directory groups in their original format. ``` 'memberof' => [ 0 => 'CN=Admins,OU=Applications,OU=Groups,DC=acme,DC=org', 1 => 'CN=WordPress Editors,OU=Applications,OU=Groups,DC=acme,DC=org', 2 => 'CN=Google Apps Users,OU=Applications,OU=Groups,DC=acme,DC=org', 3 => 'CN=Members,OU=Security,OU=Groups,DC=acme,DC=org' ] ``` groups contains an array of the user's Active Directory groups by name only. You may find this useful when defining granular access to controllers and actions. ``` 'groups' => [ 0 => 'Admins', 1 => 'WordPress Editors', 2 => 'Google Apps Users', 3 => 'Members' ] ``` Testing ------- [](#testing) Tests are not yet written for this plugin. Once they are available, version 1.0 will be tagged and released. ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity20 Limited adoption so far Community13 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 77.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/c4c8d6de51889dc58e28c4be80ce785a8b1232f99364bc3fa3823acb71a9e429?d=identicon)[unholyknight](/maintainers/unholyknight) --- Top Contributors [![unholyknight](https://avatars.githubusercontent.com/u/1048970?v=4)](https://github.com/unholyknight "unholyknight (7 commits)")[![milewski-jaroslaw](https://avatars.githubusercontent.com/u/7147814?v=4)](https://github.com/milewski-jaroslaw "milewski-jaroslaw (2 commits)") ### Embed Badge ![Health badge](/badges/unholyknight-active-directory-authenticate/health.svg) ``` [![Health](https://phpackages.com/badges/unholyknight-active-directory-authenticate/health.svg)](https://phpackages.com/packages/unholyknight-active-directory-authenticate) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)