Download the PHP package kaliop/identitymanagementbundle without Composer

On this page you can find all versions of the php package kaliop/identitymanagementbundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package identitymanagementbundle

Kaliop Identity Management Bundle

An eZ5 bundle designed to cater all your needs for custom user authentication scenarios:

The base idea is that it should be easy to swap/add remote user services without having to learn the intricate details of the Symfony auth component (firewall/authenticator/userprovider/factory).

As such, the logic of the 'ldap login handler' from eZP4 is replicated:

  1. when the user tries to log in the 1st time, retrieve his/her profile on the remote system, and create a corresponding eZ user on the fly
  2. when the user tries to log in after the 1st time, retrieve his/her profile on the remote system, and update the corresponding eZ user if needed

Some nice bits are still missing, but the bundle should be sufficient to get started with simple LDAP integrations.

Contributions are welcome :-)

Allow Log In By Email

Allow Log In By IP

Log In By Remote Services (LDAP/Active Directory or other)

Getting started: integrating an LDAP directory

  1. configure the connection to the ldap server, eg:

    services:
        # The ldap client config
        my.ldap:
            class: Symfony\Component\Ldap\LdapClient
            arguments:
                - ldap.server.com
                - 636
                - 3
                - true
  2. configure the retrieval of user account information from the ldap server, eg:

    # The service used to communicate with the LDAP server
    my.ldap_auth.client:
        class: Kaliop\IdentityManagementBundle\Adapter\LDAP\Client
        arguments:
            # NB: here you can pass in either one ldap client, or an array of clients, to achieve high-availability
            - "@my.ldap"
            -
                # the credentials used to serach the ldap
                search_dn: [email protected]
                search_password: abcdefg
                # the filter used to look up the user account
                base_dn: dc=domain,dc=com,
                filter: "(sAMAccountName={username})"
                # The ldap attributes to retrieve to build the user profile.
                # NB: by default, when the value of any of these changes, the ez user account is updated
                attributes:
                    - displayname
                    - mail
                    - telephonenumber
                    - memberof
                    - thumbnailphoto
                    - title
                # The name of the ldap attribute used to hold the user email
                email_attribute: mail
                # The name of attribute used to log-in to ldap and validate the password
                ldap_login_attribute: mail
        calls:
            - [ setLogger, [ @?logger ] ]
  3. create a handler class, which converts the RemoteUser into eZ users. Subclass Kaliop\IdentityManagementBundle\Security\User\RemoteUserHandler, implement setFieldValuesFromProfile and getGroupsFromProfile

  4. declare it as a service, eg:

    # The service which creates repo users out of ldap users
    my.ldap_auth.remoteuser_handler:
        class: My\LdapAuthBundle\Adapter\LDAP\RemoteUserHandler
        arguments:
            - "@my.ldap_auth.client"
            - "@ezpublish.api.repository"
            -
                user_contenttype: user
                default_content_language: eng-GB
                group_mapping:
                    "CN=LTD_Intranet_Administrator": 12
                    "CN=LTD_Intranet_CorpContentManager": 13
  5. tie your new service to the RemoteUser class returned by the ldap client:

    parameters:
        kaliop_identity.remoteuser_service_map:
            Kaliop\IdentityManagementBundle\Adapter\LDAP\RemoteUser: my.ldap_auth.remoteuser_handler
  6. set up a firewall definition which activates the whole thing: in security.yml:

    ezpublish_front:
        pattern: ^/
        anonymous: ~
        # Allow users to log in via LDAP.
        # The name HAS TO BE 'remoteuser_login'
        remoteuser_login:
            # the service used to connect to the LDAP server
            client: my.ldap_auth.client
        form_login:
            require_previous_session: false
        logout: ~

Allowing remote-service login to the Legacy Admin interface

  1. enable the identitymangementextension extension (bundled in this bundle)

  2. if you have renamed the firewall in security.yml to anything but ezpublish_front, set up identitymanagement.ini.append.php

  3. clear caches, test, done!

Advanced usage

Creating a remote-user-provider service for non-ldap services

  1. create a subclass of Kaliop\IdentityManagementBundle\Security\User\RemoteUser

  2. create a client class, implementing ClientInterface (take a look at Kaliop\IdentityManagementBundle\Adapter\LDAP\Client as an example)

  3. declare the new class as a service

  4. put the service id in a remoteuser_login in the firewall section of security.yml

  5. create a handler class, which converts the RemoteUser into eZ users, implementing RemoteUserHandlerInterface (probably subclassing Kaliop\IdentityManagementBundle\Security\User\RemoteUserHandler is a good idea)

  6. declare it as a service

  7. add it the the handler map in the parameter kaliop_identity.remoteuser_service_map

The logical flow is the following:

License Latest Stable Version Total Downloads

Scrutinizer Code Quality SensioLabsInsight


All versions of identitymanagementbundle with dependencies

PHP Build Version
Package Version
Requires php Version >=5.3.3
ezsystems/ezpublish-kernel Version *
paragonie/random_compat Version ^1.1 || ^2.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package kaliop/identitymanagementbundle contains the following files

Loading the files please wait ....