diff options
| author | Evan Prodromou <evan@status.net> | 2010-03-13 06:36:25 -0600 |
|---|---|---|
| committer | Evan Prodromou <evan@status.net> | 2010-03-13 06:36:25 -0600 |
| commit | c1e96cbdefa66e66815c421378b9452d7c8d5548 (patch) | |
| tree | a08e80d705d08ffb33233991bf80e7c19867552a /plugins/LdapAuthorization/LdapAuthorizationPlugin.php | |
| parent | a2cc26ba8a21aa3614ebfc4a77c0bec9ffb2655d (diff) | |
| parent | 9e9ab23e1f936eb62014d8f7b0051f0314ae482c (diff) | |
Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing
Diffstat (limited to 'plugins/LdapAuthorization/LdapAuthorizationPlugin.php')
| -rw-r--r-- | plugins/LdapAuthorization/LdapAuthorizationPlugin.php | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php index 7f48ce5e1..042b2db8d 100644 --- a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php +++ b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php @@ -131,13 +131,13 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin { $ldap = $this->ldap_get_connection(); $link = $ldap->getLink(); - $r = ldap_compare($link, $groupDn, $this->uniqueMember_attribute, $userDn); + $r = @ldap_compare($link, $groupDn, $this->uniqueMember_attribute, $userDn); if ($r === true){ return true; }else if($r === false){ return false; }else{ - common_log(LOG_ERR, ldap_error($r)); + common_log(LOG_ERR, "LDAP error determining if userDn=$userDn is a member of groupDn=groupDn using uniqueMember_attribute=$this->uniqueMember_attribute error: ".ldap_error($link)); return false; } } @@ -167,7 +167,12 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin $ldap->setErrorHandling(PEAR_ERROR_RETURN); $err=$ldap->bind(); if (Net_LDAP2::isError($err)) { - common_log(LOG_WARNING, 'Could not connect to LDAP server: '.$err->getMessage()); + // if we were called with a config, assume caller will handle + // incorrect username/password (LDAP_INVALID_CREDENTIALS) + if (isset($config) && $err->getCode() == 0x31) { + return null; + } + throw new Exception('Could not connect to LDAP server: '.$err->getMessage()); return false; } if($config == null) $this->default_ldap=$ldap; @@ -185,6 +190,9 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin if($ldap==null) { $ldap = $this->ldap_get_connection(); } + if(! $ldap) { + throw new Exception("Could not connect to LDAP"); + } $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'attributes' => $attributes |