How to get plain password user with Symfony2?

Question

I have to get the user's plain password for LDAP authentification and then retrieve LDAP user informations in the Active Directory with Symfony2.

/**
 * @Route("/infos-profil/{id}", name="infos_profil")
 * @Template()
 */
public function infosProfilAction($id)
{
    $em = $this->getDoctrine()->getManager();
    $user = $em->getRepository('MyUserBundle:LdapUser')->find($id); // Find User Entity
    if (!$user) {
        throw $this->createNotFoundException('Unable to find LdapUser entity.');
    }
    $login = $user->getUsername(); // Login
    $pass = $user->getPlainPassword(); // Password
    $ds = ldap_connect("12.34.56.789");  // Domain connexion
    if ($ds) {
        $r = ldap_bind($ds, $login, $pass); // LDAP User connexion
        if ($r) {
            $filter = "(&(objectClass=user)(samaccountname=".$login.")(cn=*))";
            $sr=ldap_search($ds, "ou=DOMAIN, ou=Test, ou=Users, dc=ats, dc=lan", $filter);
            $info = ldap_get_entries($ds, $sr); // Retrieve user's Active Direcory informations
        }
    }
    return array(
        'user' => $user,
        'info' => $info,
}

But it doesn't work, $pass is empty. When I put the plain password manually in the ldap_bind() function it works perfectly, I just have to get the plain password ! ...

Is it possible ?

Answer 1

It isn't possible to retrieve plain password from database for obvious security reasons.

For your problem, you should create a custom Authentication Provider, following this tutorial : https://symfony.com/doc/4.4/security/custom_authentication_provider.html

This way, your provider will get the plain password from the login form and you will be able to send it to your LDAP server.