diff --git a/Readme.md b/Readme.md index 3452374..d280959 100644 --- a/Readme.md +++ b/Readme.md @@ -67,6 +67,20 @@ Alternatively, you can download the [`ldap-auth-service-provider.zip`][1] file a The Ldap related code depends on [`zend-ldap`](https://github.com/zendframework/zend-ldap), so all configuration options are just passed through. For more details check the [`zend-ldap docs`](http://framework.zend.com/manual/current/en/index.html#zend-ldap). +In addition the provider allows to configure a list of hosts to try. If none in the list can't be connected, the regularly configured host is used as +last resort. + +Example: +```` +ldap: + ldap: + hosts: + - ldap1 + - ldap2 + host: localhost +```` +In this case the code will try to connect in the order: ldap1, ldap2, localhost. + ### Custom user class The LdapUserProvider class allows to configure a custom User class to be used. diff --git a/src/LdapAuthenticationServiceProvider.php b/src/LdapAuthenticationServiceProvider.php index 002af9f..8ad8bec 100755 --- a/src/LdapAuthenticationServiceProvider.php +++ b/src/LdapAuthenticationServiceProvider.php @@ -75,8 +75,40 @@ public function register(Container $app) // the actual Ldap resource if (!isset($app['security.ldap.'.$serviceName.'.ldap'])) { $app['security.ldap.'.$serviceName.'.ldap'] = function () use ($app, $serviceName) { - // we need just the ldap options here - return new Ldap($app['security.ldap.config']($serviceName)['ldap']); + // ldap options + $options = $app['security.ldap.config']($serviceName)['ldap']; + + // check for host list + if (array_key_exists('hosts', $options) && is_array($options['hosts'])) { + // keep local + $hosts = $options['hosts']; + + // remove from options... + unset($options['hosts']); + + foreach ($hosts as $host) { + try { + // do not override default host + $ldap = new Ldap(array_merge($options, ['host' => $host])); + + // force connect... + $ldap->getResource(); + + return $ldap; + } catch (LdapException $le) { + if ($app->offsetExists('logger')) { + $app['logger']->warning(sprintf('LDAP: Failed connecting to host: %s', $host)); + } + } + } + } + + if ($app->offsetExists('logger')) { + $app['logger']->info(sprintf('LDAP: Using default host: %s', $options['host'])); + } + + // just pass through all options using configured (single) host + return new Ldap($options); }; } diff --git a/src/Silex1LdapAuthenticationServiceProvider.php b/src/Silex1LdapAuthenticationServiceProvider.php index 806fbed..32cf705 100755 --- a/src/Silex1LdapAuthenticationServiceProvider.php +++ b/src/Silex1LdapAuthenticationServiceProvider.php @@ -75,8 +75,40 @@ public function register(Application $app) // the actual Ldap resource if (!isset($app['security.ldap.'.$serviceName.'.ldap'])) { $app['security.ldap.'.$serviceName.'.ldap'] = function () use ($app, $serviceName) { - // we need just the ldap options here - return new Ldap($app['security.ldap.config']($serviceName)['ldap']); + // ldap options + $options = $app['security.ldap.config']($serviceName)['ldap']; + + // check for host list + if (array_key_exists('hosts', $options) && is_array($options['hosts'])) { + // keep local + $hosts = $options['hosts']; + + // remove from options... + unset($options['hosts']); + + foreach ($hosts as $host) { + try { + // do not override default host + $ldap = new Ldap(array_merge($options, ['host' => $host])); + + // force connect... + $ldap->getResource(); + + return $ldap; + } catch (LdapException $le) { + if ($app->offsetExists('logger')) { + $app['logger']->warning(sprintf('LDAP: Failed connecting to host: %s', $host)); + } + } + } + } + + if ($app->offsetExists('logger')) { + $app['logger']->info(sprintf('LDAP: Using default host: %s', $options['host'])); + } + + // just pass through all options using configured (single) host + return new Ldap($options); }; }