Anonymous binding each time

[stoicadl]

I can authenticate using ldaprecord and Laravel UI.
LDAP_HOST=ldap.forumsys.com LDAP_USERNAME=null LDAP_PASSWORD=null LDAP_PORT=389 LDAP_BASE_DN="dc=example,dc=com" LDAP_TIMEOUT=5 LDAP_SSL=false LDAP_TLS=false

But after, each time, when I use Auth::check(), it is binding anonymous whitch increase time for showing a view.
LOG.info: LDAP (ldap://ldap.forumsys.com:389) - Operation: Binding - Username: LOG.info: LDAP (ldap://ldap.forumsys.com:389) - Operation: Bound - Username: LOG.info: LDAP (ldap://ldap.forumsys.com:389) - Operation: Search - Base DN: dc=example,dc=com

It is possible to avoid this after loging?

[stevebauman]

Hi there @stoicadl,

I’ll need to know a bit more about your auth setup to assist you.

What method did you use for authentication?

Plain Authentication or Synchronized Database Authentication?

https://ldaprecord.com/docs/laravel/v2/auth

[stoicadl]

// config/auth.php
    'providers' => [

        'users' => [
            'driver' => 'ldap',
            //'model' => LdapRecord\Models\ActiveDirectory\User::class,
            'model' => LdapRecord\Models\OpenLDAP\User::class,
        ],

https://ldaprecord.com/docs/laravel/v2/auth/plain/laravel-breeze/#login-request-1
//\Http\Request\Auth\LoginRequest.php:

   public function rules()
    {
        return [
            'username' => 'required|string',
            'password' => 'required|string',
        ];
    }

    public function authenticate()
    {
        $this->ensureIsNotRateLimited();

        $credentials = [
            'uid' => $this->username,
            'password' => $this->password,
        ];

        if (! Auth::attempt($credentials, $remember = false)) { //$this->filled('remember')
            RateLimiter::hit($this->throttleKey());
    
            throw ValidationException::withMessages([
                'username' => __('auth.failed'),
            ]);
        }
    
        RateLimiter::clear($this->throttleKey());
    }

    public function throttleKey()
    {
        return Str::transliterate(Str::lower($this->input('username')).'|'.$this->ip());
    }

[stevebauman]

Apologies for the late reply @stoicadl!

By the way you've set up LdapRecord, yes this is intended. Since you've chosen to implement Plain Authentication, your LDAP server acts as a database for your users to maintain the users authenticated session. This is shown on the LdapRecord documenation:

If you do not want this behaviour to occur, you will have to implement Database Synchronization.

I hope this answers your question!

[stoicadl]

I have implemented Database Synchronization - thank you for the answer!

[stevebauman]

Happy to help @stoicadl! 🙏

[stoicadl]

It's enough the code I send?