summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeffery To <jeffery.to@gmail.com>2010-03-05 17:54:53 +0800
committerCraig Andrews <candrews@integralblue.com>2010-03-08 13:14:41 -0500
commit3f696ff0ed4be5791edd38cf7b2a98a364b95676 (patch)
treed7e42e24ea0ddbc79afa3df6b41b516ef5c2769b
parentb8cb3d2833a5de39e51d5beb463ab8a0d218bbdb (diff)
ldap_get_connection() to return null when passed a config with bad user/pw.
This mainly affects login; before if the user enters a valid username but invalid password, ldap_get_connection() throws an LDAP_INVALID_CREDENTIALS error. Now the user sees the regular "Incorrect username of password" error message.
-rw-r--r--plugins/LdapAuthentication/LdapAuthenticationPlugin.php5
-rw-r--r--plugins/LdapAuthorization/LdapAuthorizationPlugin.php5
2 files changed, 10 insertions, 0 deletions
diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
index e0fd615dd..483209676 100644
--- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
+++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
@@ -224,6 +224,11 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin
$ldap->setErrorHandling(PEAR_ERROR_RETURN);
$err=$ldap->bind();
if (Net_LDAP2::isError($err)) {
+ // if we were called with a config, assume caller will handle
+ // incorrect username/password (LDAP_INVALID_CREDENTIALS)
+ if (isset($config) && $err->getCode() == 0x31) {
+ return null;
+ }
throw new Exception('Could not connect to LDAP server: '.$err->getMessage());
}
if($config == null) $this->default_ldap=$ldap;
diff --git a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php
index 19aff42b8..2608025dd 100644
--- a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php
+++ b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php
@@ -167,6 +167,11 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
$ldap->setErrorHandling(PEAR_ERROR_RETURN);
$err=$ldap->bind();
if (Net_LDAP2::isError($err)) {
+ // if we were called with a config, assume caller will handle
+ // incorrect username/password (LDAP_INVALID_CREDENTIALS)
+ if (isset($config) && $err->getCode() == 0x31) {
+ return null;
+ }
throw new Exception('Could not connect to LDAP server: '.$err->getMessage());
return false;
}