summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCraig Andrews <candrews@integralblue.com>2010-04-17 15:09:56 -0400
committerCraig Andrews <candrews@integralblue.com>2010-04-17 15:09:56 -0400
commit23bad16bba52a09f0cea3d2c40e6cf91e2945e37 (patch)
treeb745ce95b218fa9d8b44f26136bbb999e439c357
parentffd688b8ef9103a6677f91056e2220c8e3edd665 (diff)
don't attempt to read a user's ldap password
-rw-r--r--plugins/LdapAuthentication/LdapAuthenticationPlugin.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
index 2e01738ec..0dfc4c63b 100644
--- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
+++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php
@@ -96,7 +96,12 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin
if($entry){
$registration_data = array();
foreach($this->attributes as $sn_attribute=>$ldap_attribute){
- $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single');
+ //ldap won't let us read a user's password,
+ //and we're going to set the password to a random string later anyways,
+ //so don't bother trying to read it.
+ if($sn_attribute != 'password'){
+ $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single');
+ }
}
if(isset($registration_data['email']) && !empty($registration_data['email'])){
$registration_data['email_confirmed']=true;