revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-26 08:42:41 +01:00
Code Issues Releases Wiki Activity

<LDAP: If available use DN from previously retrieved user>

Browse source 
Summary:
When searching for a user before logging in use the DN from the retrived user.
This allows you to use a less fine grained DN when searching for a user. For example dc=domain,dc=domain instead of ou=unit,dc=domain,dc=com.

Test Plan: Tested on local install with ldap.search-first disabled and enabled.

Reviewers: epriestley, yunake

Reviewed By: epriestley

CC: auduny, briancline, aran, Korvin, vsuba

Differential Revision: https://secure.phabricator.com/D3549
This commit is contained in:
Espen Volden 2012-11-17 04:46:53 -08:00 committed by epriestley
parent f47c0a3a06
commit 874fb9b6d9
1 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/applications/auth/ldap/PhabricatorLDAPProvider.php
View file

@ -142,6 +142,9 @@ final class PhabricatorLDAPProvider {
if ($activeDirectoryDomain) {
$dn = $username.'@'.$activeDirectoryDomain;
} else {
if (isset($user)) {
$dn = $user['dn'];
} else {
$dn = ldap_sprintf(
'%Q=%s,%Q',
@ -149,6 +152,7 @@ final class PhabricatorLDAPProvider {
$username,
$this->getBaseDN());
}
}
// NOTE: It is very important we suppress any messages that occur here,
// because it logs passwords if it reaches an error log of any sort.