I'm trying to create a fosuserbundle for a quite strange use case, which is mandatory requirement, so no space to diplomacy. Use case is as follow:
- users in a mongo db table populated by jms messages -no registration form
- users log in by ldap
- user record not created by ldap, after a successful login username is checked against mongodb document
Considering that ldap could successfully log in people that exhist in ldap but cannot access site (but login is still successful), what could be the best way to perform such authentication chain?
I was thinking about some possible options:
- listen on interactive login event, but imho there's no way to modify an onSuccess event
- create a custom AuthenticationListener to do another check inside onSuccess method
- chain authentication using scheb two-factor bundle
any hint?