I recently started learning symfony and was faced with the task of making authentication. For example, in Laravel, authentication is done using various packages, where login, registration, password reset, and so on are automatically generated. Are there any similar packages for symfony? Otherwise, the standard registration, which is described in the documentation for the framework, is too simple.
Symfony has documented a great tutorial on setting up authentication. Even with Laravel it is not a one command and done process. This will take a little work, reading and understanding.
https://symfony.com/doc/current/security/form_login_setup.html
This same process I use in every new Symfony application I develop.
Related
How to integrate Magnolia CMS with Keycloak?
I need to have a Single Sign On with Keycloak, but haven't found a way (so far I was examining the configuration documentation and wiki pages for Magnolia).
I'm very new to Magnolia so this actually might be a noob question.
As a side note: Might not be best starter task if you are very new. Consider getting training where authentication and it's configuration is explained at length.
As for the task at hand, you would want to write your own authentication module and place it in the chain of JAAS modules Magnolia/Tomcat will evaluate when authenticating users.
There is similar module written looong time ago for NTLM based authentication that you can take as a blueprint (assuming you are enterprise customer and have access to enterprise code) for what you want to achieve. Otherwise, there's only stuff that is on documentation that might help.
- NTLM Module
- General security documentation
Might be frustrating starting experience tho.
I've working on learning Asp.net, but I'm having troubles with the password hasher.
I want to use the non-modified version of the thing, but I'm severely lacking on instructions. Googling has failed me.
So it's a very very general question.
Would some one be so kind to provide a small tutorial on password hashing during User registration and login.
I would really appreciate it.
Within a Symfony2 application I'm building I've managed to get user account creation, login, updating profile working using bootstrap for the frontend and 'out of the box' Symfony2 for the rest. I need to add the ability for users to reset their passwords and/or have email sent with a generated password. I'll preface these questions with the fact I am new to developing in Symfony2. My questions are 1) Do I try and use FOSUserBundle in parallel with code I have already written or 2) Are there ways to implement this without FOSUserBundle. These are questions are really coming from a place of not knowing any better.
Thank you in advance.
I'm not a symfony guy but I only know that Symfony embraces the "don't reinvent the wheel" philosophy. Symfony itself is a collection of bundles. If this is your first time with a web framework I can tell that you've passed a lot of time and effort implementing something that other developers offered to you. Believe me if you want to build something powerful and standardized FOSuserbundle will undoubtedly satisfy your need.
Always sad to see a genuinely asked question downvoted.
#Brent was a Symfony novice myself and in many ways probably still am. I wouldn't say Symfony embraces "don't reinvent the wheel" but rather "speed up app development". I am sure you can take days searching Stackoverflow and find possible (probably a little bit outdated) solutions to your problem or do as #AzizFCB suggested and use a ready Symfony bundle, in fact, the most widely used and adopted Symfony bundle. Unless your app's core activity is solving people's login and forgot password problems. I would strongly advise to use FOSUserBundle, solve that problem in a few hours importantly including updates (especially security) that you don't need to manage (but if you can please contribute to) and focus your efforts on coding your apps core activity(s).
I would like to use the hash algorithm from FOSUserBundle in a standalone app.
Here's what I want to do:
-Copy the user table into a standalone app
-Let users use their symfony2 login in my separate app
In order to do this, I need to code a copy of the FOSUserBundles authentication in my app.
So my question is - where can I find this algorithm in the FOSUserBundle codebase? Is it just a md5() together with the user specific salt or how is it constructed?
Thanks!
* UPDATE *
So while this would certainly be interesting to know how to do, I am now faced instead with changing the algorithm in FOSUserBundle, so I will have to do it the other way around. And I will open a different topic for that.
To answer your original question:
Password encoders are part of the Synfony's core, not FOSUserBundle. You may find them in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Encoder.
To find the correct encoder to use in your custom script look what you have configured for FOSUserBundle.
I'm new to symfony & LDAP. Is there any step by step tutorial or videos to integrate LDAP in symfony2?
I don't know any tutorial or video about LDAP in Symfony2 but here are 2 bundles I used in many projects:
OpenSkyLdapBundle (requires ZF2 LDAP component)
FR3DLdapBundle (integration with FOSUserBundle)
Newer versions of Symfony2 should have LDAP support already in there. If you are constrained to an older version, consider using DapsBundle, since its functionality is patterned after Symfony2's upgrade path, meaning it should be easier for you when you do upgrade your Symfony2 version.. You can learn more about on my blog at http://robertelwell.info/blog/daps-ldap-symfony2/.
FOSUserBundle is a bundle for authenticate users against a DB, if you don't want manager your users with the DB then you must do a little customizations for break the dependency in FR3DLdapBundle.
Writing your own UserManager and setting it in the configuration should be enough.
The UserManager is used for create the User instance the first time.