symfony framework forum

[drzen]

Hi,

I need to extend sfGuard plugins for an external authentication method.

In apps/fe/lib I create the file jAuth.class.php:

Code: Select all

    class jAuth     {
       
        public static function checkPassword($username, $password):

{

return true;
}
    }

In apps/config/app.yml I insert:

Code: Select all

all:
  sf_guard_plugin:
    check_password_callable: [jAuth, checkPassword]


in apps/config/settings.yml:

Code: Select all

all:
  .settings:
    enabled_modules:      [default, sfGuardAuth]
  .actions:
    login_module: sfGuardAuth
    login_action: signin

But seems that's jAuth is not called.

Any ideas?

Thanks in advanced.
v.

[djhaskin987]

I actually have the same problem. I set up everything according to the sfDoctrineGuardPluginReadme. My external authentication class is under /var/www/$sf_project/apps/frontend/lib/lsAuth.class.php .
It looks much like yours; I don't know why it isn't being called. can anyone help?

[djhaskin987]

I'm using sfDoctrineGuardPlugin on symfony 1.4, but this should still be valid for you.

I set up some logging and debugging info on my setup similiar to yours, and i found that sfGuardAuth checks the database first to see if the user in question is there. if the user is NOT, the external authentication class's static method never gets called, but if there IS a user in the database, then it checks that users' password based on your external method. that is why it is never called -- sfGuard cannot find your user (who is probably on an LDAP domain and not in your database) and so does not try to authenticate that user.

As a solution, i'm trying to override sfGuardAuth's executeSignin method as per the instructions on how to override an action in the plugin's README. i'll keep you posted on how that goes (I don't want to have to load every user that needs to see my site in the database, i just want to be able to authenticate agains LDAP.)

If anyone else has a simpler solution, please let me know.