FR3DLdapBundle

Usage of user's LDAP/AD password

Open edrush opened this issue 6 years ago • 4 comments

Hi,

I seem to lack an understanding of the principle here: we'd like to use the setup of FOSUserBundle combined with FR3DLdapBundle. I did read about it, followed the documentation, I am also able to log in via LDAP and a new user entity is getting persisted in my database.

But what about the user's password? After successfully authenticating against LDAP, somewhere deep in Symfony's core there is the DaoAuthenticationProvider, telling me that 'The presented password is invalid.', correct, since the user object's password is not set. I suppose this is in some way correct. Maybe I should never get to this provider? I can imagine creating a custom hydrator and making it set the password on the new user object. But I guess that is not the way it should work.

I was expecting that either the password never gets stored in my database and will always be authenticated against LDAP/Active Directory. Or it will get stored redundantly, always synced from LDAP/Active Directory.

I haven't yet found an explanation of how this is meant to work. I appreciate your help and/or questions, maybe it is just some wrong assumption...

edrush avatar Mar 28 '18 21:03 edrush

Hi, any help would be appreciated... Am I the only one struggling with this? Do you need more explanation?

Regards!

edrush avatar Apr 05 '18 06:04 edrush

Ok sorry, the reason was a security configuration issue. We spread configuration over multiple files...

edrush avatar Apr 10 '18 09:04 edrush

No, that was not the problem. Does anyone use this package with Symfony3?

edrush avatar Apr 11 '18 07:04 edrush

So why would Symfony want to compare passwords again, after LDAP successfully authenticated? I have the feeling I shouldn't get into DaoAuthenticationProvider.

edrush avatar Apr 11 '18 07:04 edrush