>> You can stop Zend_Auth_Adapter_Ldap from trying to split the username by setting the
>> tryUsernameSplit option to false (true by default).
>Good to know, thanks. I missed this option when I browse source but
>any way I have to fetch extra information from LDAP.
To fetch extra information from the LDAP you can either use the Zend_Auth_Adapter_Ldap::getAccountObject() method to retrieve the user account entry or you can use Zend_Auth_Adapter_Ldap::getLdap() to get the underlying LDAP adapter that allows you to query the LDAP (be careful as this adapter is authenticated with the credentials provided to the Zend_Auth_Adapter_Ldap which could result in some access restriction problems).
>I reckon that there is a some bad design in Zend_Amf authentication
>but I have no idea what is wrong.
>Basically, I'm looking for clean way how to implement Ldap auth wit
>Zend_Amf_Server. I could extend Zend_Amf_Auth_Abstract and use it as a
>proxy to Zend_Auth_Adapter_Ldap...
A proxy seems to be the way to go. Create a My_Amf_Auth_LdapProxy (extends Zend_Amf_Auth_Abstract) and let it proxy your authentication request to the LDAP adapter:
class My_Amf_Auth_LdapProxy extends Zend_Amf_Auth_Abstract
{
protected $_ldapAdapter;
public function __construct(Zend_Auth_Adapter_Ldap $ldapAdapter)
{
$this->_ldapAdapter = $ldapAdapter;
}
public function setCredentials($username, $password)
{
parent::setCredentials($username, $password); // not really needed I think
$this->_ldapAdapter->setUsername($username);
$this->_ldapAdapter->setPassword($password);
}
public function authenticate()
{
return $this->_ldapAdapter->authenticate();
}
}
That seems to be the most natural way accomplish your task.
Best regards
Stefan
没有评论:
发表评论