Skip to content

LdapUser password property accessed before initialization #60652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
trobin91 opened this issue Jun 3, 2025 · 2 comments
Closed

LdapUser password property accessed before initialization #60652

trobin91 opened this issue Jun 3, 2025 · 2 comments
Labels
Bug Ldap Status: Needs Review

Comments

@trobin91
Copy link

trobin91 commented Jun 3, 2025

Symfony version(s) affected

7.3.0

Description

Since upgrading the Symfony framework from 7.2.6 to 7.3.0, I consistently have the following error using the symfony/ldap component when logging to my app:

Error:
Typed property Symfony\Component\Ldap\Security\LdapUser::$password must not be accessed before initialization

  at vendor/symfony/ldap/Security/LdapUser.php:50
  at Symfony\Component\Ldap\Security\LdapUser->getPassword()
     (vendor/symfony/ldap/Security/LdapUserProvider.php:106)
  at Symfony\Component\Ldap\Security\LdapUserProvider->refreshUser()
     (vendor/symfony/security-http/Firewall/ContextListener.php:212)
  at Symfony\Component\Security\Http\Firewall\ContextListener->refreshUser()
     (vendor/symfony/security-http/Firewall/ContextListener.php:129)
  at Symfony\Component\Security\Http\Firewall\ContextListener->authenticate()
     (vendor/symfony/security-bundle/Debug/WrappedLazyListener.php:46)
  at Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener->authenticate()
     (vendor/symfony/security-bundle/Security/LazyFirewallContext.php:61)
  at Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext->__invoke()
     (vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php:91)
  at Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener->callListeners()
     (vendor/symfony/security-http/Firewall.php:92)
  at Symfony\Component\Security\Http\Firewall->onKernelRequest()
     (vendor/symfony/event-dispatcher/Debug/WrappedListener.php:115)
  at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke()
     (vendor/symfony/event-dispatcher/EventDispatcher.php:206)
  at Symfony\Component\EventDispatcher\EventDispatcher->callListeners()
     (vendor/symfony/event-dispatcher/EventDispatcher.php:56)
  at Symfony\Component\EventDispatcher\EventDispatcher->dispatch()
     (vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:126)
  at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch()
     (vendor/symfony/http-kernel/HttpKernel.php:159)
  at Symfony\Component\HttpKernel\HttpKernel->handleRaw()
     (vendor/symfony/http-kernel/HttpKernel.php:76)
  at Symfony\Component\HttpKernel\HttpKernel->handle()
     (vendor/symfony/http-kernel/Kernel.php:182)
  at Symfony\Component\HttpKernel\Kernel->handle()
     (vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php:35)
  at Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner->run()
     (vendor/autoload_runtime.php:29)
  at require_once('/var/www/html/vendor/autoload_runtime.php')
     (public/index.php:5)

How to reproduce

Here is my configuration that was previously working on 7.2.6, based on the official documentation:

config/services.yaml

services:
    ...
    Symfony\Component\Ldap\Ldap:
        arguments: ['@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter']
        tags:
            - ldap
    Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
        arguments:
            - host: "%env(LDAP_HOST)%"
              port: 389
              encryption: none
              options:
                  protocol_version: 3
                  referrals: false

config/packages/security.yaml

security:
    ...
    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        ldap_provider:
            ldap:
                service: Symfony\Component\Ldap\Ldap
                base_dn: "%env(LDAP_BASE_DN)%"
                search_dn: "%env(LDAP_BIND_DN)%"
                search_password:  "%env(LDAP_BIND_PASSWORD)%"
                default_roles: ROLE_USER
                extra_fields: ['mail']
    firewalls:
        # activate different ways to authenticate
        # https://symfony.com/doc/current/security.html#the-firewall
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
            form_login_ldap:
                service: Symfony\Component\Ldap\Ldap
                provider: ldap_provider
                login_path: app_login
                check_path: app_login
                dn_string: "{user_identifier}@%env(LDAP_DOMAIN)%"
                enable_csrf: true
            logout:
                path: /logout
                target: app_login

Possible Solution

No response

Additional Context

No response
@trobin91 trobin91 added the Bug label Jun 3, 2025
@MatTheCat
Copy link
Contributor

Duplicate of #60635 and fixed by #60626 😀

@trobin91
Copy link
Author

trobin91 commented Jun 3, 2025

Don't know how I did not find them while searching for similar issues...
Anyway thank you very much !

@trobin91 trobin91 closed this as completed Jun 3, 2025
@xabbuh xabbuh added the Ldap label Jun 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Ldap Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@MatTheCat @xabbuh @carsonbot @trobin91