This package is abandoned and no longer maintained. No replacement package was suggested.

LDAP authentication for Magento 2 backend login

github.com/Magenerds/Ldap

Installs: 4,062

Dependents: 0

Suggesters: 0

Security: 0

Stars: 15

Watchers: 9

Forks: 13

Open issues: 6

Type: magento2-module

2.0.2 2018-08-31 14:37 UTC

This package is auto-updated.

Last update: 2021-08-12 17:36:54 UTC


README

Installation via Composer

Add "magenerds/ldap": "~2.0" to the require block of your composer.json file, then run composer install

{
	"require": {
		"magenerds/ldap": "~2.0"
	}
}

Alternatively, you can run the following directly from the command line

composer require magenerds/ldap "~2.0"

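Configuration

There are several ways to configure the LDAP module for your instance and environment. You can use Magento's setup:config:set command and/or pass the options to the setup:install command. In either case, Magento persists the configuration data to app/etc/env.php. You can also edit this file manually and deploy or mount it into your target environment.

Command options

For setup:config:set and setup:install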

     --ldap-host                  Ldap host
     --ldap-port                  Ldap Port (default: "389")
     --ldap-use-tls               For the sake of security, this should be `yes` if the server has the necessary certificate installed.
     --ldap-use-ssl               Possibly used as an alternative to useStartTls
     --ldap-bind-requires-dn      Required and must be `yes`, as OpenLDAP requires that usernames be in DN form when performing a bind.
     --ldap-base-dn               As with all servers, this option is required and indicates the DN under which all accounts being authenticated are located.
     --ldap-bind-dn               Required and must be a DN, as OpenLDAP requires that usernames be in DN form when performing a bind. Try to use an unprivileged account.
     --ldap-bind-password         The password corresponding to the username above, but this may be omitted if the LDAP server permits an anonymous binding to query user accounts.
     --ldap-allow-empty-password  Allow empty password
     --ldap-cache-password        To save the user password in the Magento database. Then, users will be able to log in even when the LDAP server is not reachable.
     --ldap-role                  Role that is assigned
     --ldap-user-filter           Ldap search filter. Placeholders are ":usernameAttribute" and ":username". (default: "(&(objectClass=*)(:usernameAttribute=:username))")
     --ldap-attribute-username    Attribute in LDAP defining the user’s username. (default: "uid")
     --ldap-attribute-first-name  Attribute in LDAP defining the user’s first name. (default: "givenname")
     --ldap-attribute-last-name   Attribute in LDAP defining the user’s last name. (default: "sn")
     --ldap-attribute-email       Attribute in LDAP defining the user’s email. (default: "mail")

Use bin/magento setup:config:set --help or bin/magento setup:install --help for more information.

For more details, see LDAP Authentication

LDAP user filter

Minimal search filter

(&(objectClass=*)(:usernameAttribute=:username))

Example with memberOf

(&(memberOf=cn=magento,ou=groups,dc=github,dc=com)(objectClass=person)(:usernameAttribute=:username))

(Optional) env.php

'ldap' => array(
    'host' => 'ldap',
    'port' => '389',
    'base-dn' => 'ou=users,dc=github,dc=com',
    'bind-dn' => 'cn=admin,dc=github,dc=com',
    'bind-password' => 'password',
    'role' => 'Administrator',
    'user-filter' => '(&(objectClass=*)(:usernameAttribute=:username))',
    'attribute' => array(
        'username' => 'uid',
        'first-name' => 'givenname',
        'last-name' => 'sn',
        'email' => 'mail',
    ),
    'allow-empty-password' => false,
    'cache-password' => false,
    'use-tls' => false,
    'use-ssl' => false,
    'bind-requires-dn' => false,
)

License

magenerds/ldap is distributed under the terms of the OSL-3.0