Closed
Description
| Q | A |
|---|---|
| Bug report? | yes |
| Feature request? | no |
| BC Break report? | ??? |
| RFC? | no |
| Symfony version | 3.4 |
| Due to deprecation warnings I replaced stuff in security/firewalls, security/providers. | |
| Actually the substitutuion of '{username}' in dn_string of the firewalls doesn't seem to have any effect anymore. |
https://symfony.com/doc/3.4/security/ldap.html suggests the following:
# app/config/security.yml
security:
# ...
firewalls:
main:
# ...
form_login_ldap:
# ...
service: Symfony\Component\Ldap\Ldap
dn_string: 'uid={username},dc=example,dc=com'
if I place
dn_string: 'CN={username},OU=Users,DC=my,DC=domain,DC=de'
{username} won't be replaced.
see the Exception:
LdapException
HTTP 500 Internal Server Error
Could not complete search with dn "CN={username},OU=Users,DC=my,DC=domain,DC=de", query "(&(memberof:1.2.840.113556.1.4.1941:=CN=MyGroup,OU=Groups,DC=my,DC=domain,DC=de))" and filters "*".
Looking at the code there is something different happening to dn_string then to query_string.
For now I'm fine with removing CN={username}, from the config, but either it's a bug/issue or a wrong documentation.