Checked different ways to authenticate users in an windows environment. At least i realised the simplest way would be to let it do by the webserver himself:

Enable windows authentificaion in your IIS authentification settings.

Create a user entity:

# src/AppBundle/Entity/User.php

namespace AppBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * @ORM\Table(name="users")
 * @ORM\Entity()
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;


    public function getUsername()
    {
        return $this->username;
    }

    public function getSalt()
    {
        return null;
    }

    public function getPassword()
    {
        return null;
    }

    public function getRoles()
    {
        return array('ROLE_USER');
    }

    public function eraseCredentials()
    {
    }

    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            ) = unserialize($serialized);
    }
}

Next, make sure to create the database table:

php bin/console doctrine:schema:update --force

Configure your user provider:

# app/config/security.yml

    providers:
        user_db_provider:
            entity:
                class: AppBundle:User
                property: username

Enable REMOTE_USER based authentication in your security.yml:

# app/config/security.yml

    firewalls:
        main:
            pattern: ^/
            remote_user:
                provider: user_db_provider

Insert your first user with username as DOMAIN\user in your db and you will be fine. For debugging print out $_SERVER and look for REMOTE_USER is filled with your desired username.

Leave a Comment

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.