LDAP Backend Login (incl. SSO / Single Sign-On)

LDAP Backend Login (incl. SSO / Single Sign-On)

Source Available
12 Downloads
This manufacturer responds very quickly to support requests
    Ropi445776816379
  • 1.1.1
  • 3 May 2019
  • de_DE en_GB
  • from robertpiplica
  • 5.2.11 – 5.2.27
    5.3.0 – 5.3.7
    5.4.0 – 5.4.6
    5.5.0 – 5.5.10
    5.6.0 – 5.6.4
LDAP Backend Login The plugin enables authentication via LDAP to your Shopware backend. SSO /... more

Product information

LDAP Backend Login

The plugin enables authentication via LDAP to your Shopware backend.
SSO / Single Sign-On is also supported (e.g. via Kerberos or Shibboleth).

Functionality

In the plugin settings you have to configure a so-called LDAP bind user. With the help of this bind user, the plugin will search for the authenticating user via LDAP on each backend login. For the LDAP user search a filter can be configured. If the user was found and the password matches, a new backend user is automatically created in Shopware and the user will be directly logged in. The data for the new backend user will be fetched via LDAP. A cronjob periodically updates the data of the created Shopware backend users (e. g. name changes in directory service or account will be deleted in directory service etc.). LDAP will be accessed read-only by the plugin.

Regular Shopware backend users can still log in without LDAP authentication.

Show full description
Read, write and discuss reviews... more

Customer reviews

Average customer rating from 1 reviews:

Total (1)
Functionality
Usability
Documentation
Support

Fantastic support with a great module

27 Feb 2019

This module streamlined our Shopware integration to our LDAP environment, we had a minor hiccup but the developer provided fantastic support with a quick bug fix

Total
Functionality
Usability
Documentation
Support

Installation manual

Important

Before buying this plugin, please use the trial version to make sure that this plugin is compatible with your Shopware environment and directory service.

Required PHP modules

  1. ldap
  2. openssl
  3. reflection

LDAP Version

Currently only protocol version 3 is supported.

Configuration

Hostname of LDAP server

Here you have to specifiy the host name or the IP address of the directory service to which you want to connect via LDAP (e.g. openldap.example.org or 120.14.6.17).

Port of LDAP server

Here you have to specifiy the port number on which the directory service listens for LDAP connections (usually 389).

Encryption Protocol

Select the type of encryption to use for the LDAP connection. Please note when using LDAPS usually a special port has to be configured (usually 636).

Bind DN

Here you have to specify the full DN of the bind user (e.g. exampledomain\ldap-user or cn=ldap-user,dc=example,dc=org). This user searches for user accounts via LDAP on each backend login or while synchronization cronjob is running. LDAP will be accessed always read-only.

Password

Here you have to specify the associated password for the bind user which you have defined above.

Base DN of Users

Here you have to specify the DN with which to search for LDAP users who are allowed to log in to your Shopware backend (e.g. ou=shopwareusers,dc=example,dc=org)

User Filter Pattern

Here you have to define the filter constraint with which to search for LDAP users. You can specifiy any LDAP search filter (RFC 4515 or RFC 2254), e.g. cn={$username} or (&(cn={$username})(objectClass=person)(objectClass=user)). The placeholder {$username} will be replaced with the value that the user enters in the username field of the backend login mask.

User's full name Attribute

Here you have to specify the attribute to use as user's full name within Shopware. Usually this should be the first and last name (e.g. cn).

Mail Attribute

Here you have to specify the attribute to use as mail address within Shopware.

Fallback E-Mail-Adresse

Here you have to specify a mail address that will be assigned to the Shopware user if no mail address can be fetched via LDAP.

User Role ID

Here you have to specify the ID of the Shopware user role that is assigned to users who log in for the first time (in a default Shopware installation the ID 1 corresponds to the role local_admins). The IDs of the roles can be found in the Shopware database table s_core_auth_roles. Once a user is logged in via LDAP, you can assign an individual role via the Shopware backend.

Locale ID

Here you have to specify the ID of the Shopware locale that is assigned to the users who log in for the first time (in a default Shopware installation the ID 1 corresponds to the locale de_DE). This locale ID will be assigned only to users, which does not select a language in the login mask. The IDs of the locales can be found in the Shopware database table s_core_locales.

Debug Mode

If activated, all debug information is logged via the Shopware Pluginlogger (file path var/log/plugin_CONTEXT-YYYY-MM-DD). Helpful for the initial plugin setup or problem analysis.

Cronjob

After successful configuration of the plugin, you should configure the cronjob for the synchronization of user data. This can be done with the cronjob manager of Shopware. The plugin has created the job Synchronize LDAP backend users. You just have to activate it.

Alternatively, you can also directly configure the following CLI command in crontab:
php bin/console ropildapbackendlogin:synchronise:users

Changelog

Version 1.1.1

SSO authentication now works with proxies too (REDIRECT_REMOTE_USER)

Version 1.1.0

SSO authentication based on REMOTE_USER (Kerberos, Shibboleth etc.)

Version 1.0.1

Active Directory: In addition to NORMAL_ACCOUNT, other account types are now supported

Version 1.0.0

First release of plugin

About the manufacturer

robertpiplica robertpiplica 4 Extensions 5 Ø Rating

Version:

€ 299.00 *

Recently viewed