Possible BC Break for LDAP Authentication in Symfony 3.2.3 #21577
Description
| Q | A |
|---|---|
| Bug report? | yes |
| Feature request? | no |
| BC Break report? | yes |
| RFC? | no |
| Symfony version | 3.2.3 |
After upgrading from a fresh 3.2.2 Symfony Standard Edition to 3.2.3 authentication via LDAP is broken. The LDAP authentication in the 3.2.2 app works fine.
I get the error message
Missing attribute "sAMAccountName" for user "uid=<uid>,ou=people,dc=<domain>,dc=<tld>".
Exception backtrace:
at LdapUserProvider ->getAttributeValue (object(Entry), 'sAMAccountName')
in vendor/symfony/symfony/src/Symfony/Component/Security/Core/User/LdapUserProvider.php at line 90
at LdapUserProvider ->loadUserByUsername ('<username>')
in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php at line
at LdapBindAuthenticationProvider ->retrieveUser ('<username>', object(UsernamePasswordToken))
in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php at line 70
at UserAuthenticationProvider ->authenticate (object(UsernamePasswordToken))
in var/cache/dev/classes.php at line 4612
My configs:
#app/config/security.yml
security:
providers:
app_users:
ldap:
service: app.ldap
base_dn: dc=<domain>,dc=<tld>
default_roles: ROLE_USER
filter: (uid={username})
search_password: ~
search_dn: ~Compared to the docs search_dn is empty but as I mentioned already it works in the 3.2.2 app (and in other Symfony 2 apps).
#app/config/services.yml
services:
app.ldap:
class: Symfony\Component\Ldap\LdapClient
arguments: [ "<domain>" ]I didn't expected to adapt the LDAP configuration after a Patch update.
I will investigate more in this issue but as it might be a BC break I wanted to let you know about this problem as soon as possible.