ZF-994: New Zend_Auth LDAP adapter

Issue Type: New Feature Created: 2007-03-01T09:32:04.000+0000 Last Updated: 2008-03-21T16:25:18.000+0000 Status: Resolved Fix version(s): - 1.5.0 (17/Mar/08)

Reporter: Darby Felton (darby) Assignee: Darby Felton (darby) Tags: - Zend_Auth

Related issues: Attachments: - Ldap.php


In response to interest in an LDAP adapter for authentication, this issue is created to track the adapter development.

Contributions from the community are most welcome!


Posted by Vincent Dupont ( on 2007-03-02T00:48:34.000+0000

Hello Darby,

I would really appreciate to contribute to this topic. However, I only have a few hours a week to work on it. So it may be not ready for 0.9

I'll need some help on the process ( svn, incubator, etc) as this is my first contribution (I use to do translations)


Posted by Darby Felton (darby) on 2007-03-02T08:46:13.000+0000

Hi Vincent,

It's fine that this may not be ready for 0.9.0; it could be released in a later version after 1.0.0, but it's not too early to get started. I suspect that scope creep will be an issue with this adapter, and probably we'll find that we need a proposal for it. In the meantime, however, we can use this JIRA issue to track whatever discoveries are made.

As a bonus, nearly any formatting you might use herein would also be transferable to the proposal, since it supports the same wiki format.

Posted by Vincent Dupont ( on 2007-03-19T02:31:33.000+0000

Hi Darby, and the others

I finally started the draft proposal for Zend_Auth_LDAP

The idea is very simple : take the login and password provided by the user (login form), and use them to connect the the LDAP server. If needed, concat the username (myusername) with the domain name (\mydomain => \mydomain\myusername).

If the connection succeeds, then this is because the user/password match those of the LDAP directory. Else, we have a problem...

We use this for ages against various Active Directory servers for intranets and extranets. This works very well and is reliable. However, wrong authentication with the same login will lock the windows account in the same way the windows account can be locked from a windows station. So, if some nasty boy tries to figure out the password of their friend, and if they make 3 successive errors, the login of their friend will be locked. The unlock procedure is to be defined inside the Active Directory. At some places, the account is always unlocked after a hour, in some other places we need a manual unlock...

I never tested this solution agains another LDAP server. If someone has more exeprience on OpenLDAP or others, please tell me.

The ldap Auth will only return a true/false, and will NOT fetch more information about he user from the LDAP directory. This may be the work of the Zend_LDAP.


Posted by Vincent Dupont ( on 2007-03-19T17:13:58.000+0000

Maybe we should change the name to be Zend_Auth_Adapter_LDAP, so as to match the exsting Zend_Auth_Adapter_HTTP...

Posted by Vincent Dupont ( on 2007-05-10T14:46:53.000+0000


I finally have something that (should) work and I'd like the opinion of users.

I added all phpdoc comments I could. I also let many comments into the source code so as to help for a code revue.

Don't hesitate to give me your comments. I know the code is not perfect, but the functionality seem to be ok.


Posted by Vincent Dupont ( on 2007-05-10T15:06:47.000+0000


This the first release of the Zend_Auth_Adapter_Ldap. Download the file and paste into /Zend/Auth/Adapter/

A code sample is into the source file PHPDocs

enjoy! vincent

Posted by Wil Sinclair (wil) on 2007-11-08T21:52:56.000+0000

We now have two proposals under construction for this component:……

We must move a proposal forward for this- either one of these or a new one. Currently, the Zend team would prefer for this to be largely community-driven, since the community has given it relatively significant time, thought, and interest. If you have a proposal that is currently under construction or you'd like to submit a new one, please notify Darby Felton (the Zend team liason for this project) so that we can get this on the map for the next release.

Posted by Wil Sinclair (wil) on 2007-11-15T16:09:14.000+0000

Darby will be driving this effort for inclusion in 1.1.

Posted by Darby Felton (darby) on 2007-12-18T13:48:57.000+0000

Planning to drive this proposal by [~miallen].

Posted by Darby Felton (darby) on 2007-12-18T14:27:00.000+0000

To all readers - this means you - please review the new proposal and post comments with feedback there. ;)

Zend_Auth_Adapter_Ldap by Michael B Allen

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.