Search code examples
symfonyactive-directorypasswordsldap

How to get plain password user with Symfony2?


I have to get the user's plain password for LDAP authentification and then retrieve LDAP user informations in the Active Directory with Symfony2.

/**
 * @Route("/infos-profil/{id}", name="infos_profil")
 * @Template()
 */
public function infosProfilAction($id)
{
    $em = $this->getDoctrine()->getManager();
    $user = $em->getRepository('MyUserBundle:LdapUser')->find($id); // Find User Entity
    if (!$user) {
        throw $this->createNotFoundException('Unable to find LdapUser entity.');
    }
    $login = $user->getUsername(); // Login
    $pass = $user->getPlainPassword(); // Password
    $ds = ldap_connect("12.34.56.789");  // Domain connexion
    if ($ds) {
        $r = ldap_bind($ds, $login, $pass); // LDAP User connexion
        if ($r) {
            $filter = "(&(objectClass=user)(samaccountname=".$login.")(cn=*))";
            $sr=ldap_search($ds, "ou=DOMAIN, ou=Test, ou=Users, dc=ats, dc=lan", $filter);
            $info = ldap_get_entries($ds, $sr); // Retrieve user's Active Direcory informations
        }
    }
    return array(
        'user' => $user,
        'info' => $info,
}

But it doesn't work, $pass is empty. When I put the plain password manually in the ldap_bind() function it works perfectly, I just have to get the plain password ! ...

Is it possible ?


Solution

  • You don't need the user's password to retrieve information about them from active directory. Once they are authenticated simply look them up via LDAP using their username, with either an anonymous connection or failing that, a known privileged account.