mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 05:34:06 -08:00
Fixed #11509: Allow LDAP anonymous bind.
This commit is contained in:
parent
e72c4f989f
commit
9d627936e6
|
@ -176,16 +176,22 @@ class Ldap extends Model
|
||||||
throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
|
throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! $ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
|
if ( $ldap_username ) {
|
||||||
throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
|
if (! $ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
|
||||||
}
|
throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
|
||||||
// TODO - this just "falls off the end" but the function states that it should return true or false
|
}
|
||||||
// unfortunately, one of the use cases for this function is wrong and *needs* for that failure mode to fire
|
// TODO - this just "falls off the end" but the function states that it should return true or false
|
||||||
// so I don't want to fix this right now.
|
// unfortunately, one of the use cases for this function is wrong and *needs* for that failure mode to fire
|
||||||
// this method MODIFIES STATE on the passed-in $connection and just returns true or false (or, in this case, undefined)
|
// so I don't want to fix this right now.
|
||||||
// at the next refactor, this should be appropriately modified to be more consistent.
|
// this method MODIFIES STATE on the passed-in $connection and just returns true or false (or, in this case, undefined)
|
||||||
}
|
// at the next refactor, this should be appropriately modified to be more consistent.
|
||||||
|
} else {
|
||||||
|
// LDAP should also work with anonymous bind (no dn, no password available)
|
||||||
|
if (! $ldapbind = @ldap_bind($connection )) {
|
||||||
|
throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Parse and map LDAP attributes based on settings
|
* Parse and map LDAP attributes based on settings
|
||||||
|
|
Loading…
Reference in a new issue