diff --git a/modules/ldap/lib/Auth/Process/BaseFilter.php b/modules/ldap/lib/Auth/Process/BaseFilter.php
index 41261d2448b59a68199672daf7e02ae59105cdc6..2b6d5ba2b15791dbeae92a73cf6561e4ef3937cf 100644
--- a/modules/ldap/lib/Auth/Process/BaseFilter.php
+++ b/modules/ldap/lib/Auth/Process/BaseFilter.php
@@ -156,6 +156,9 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce
if (isset($authsource['debug'])) {
$authconfig['ldap.debug'] = $authsource['debug'];
}
+ if (isset($authsource['referrals'])) {
+ $authconfig['ldap.referrals'] = $authsource['referrals'];
+ }
// only set when search.enabled = true
if (isset($authsource['search.enable']) && $authsource['search.enable']) {
if (isset($authsource['search.base'])) {
@@ -262,6 +265,7 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce
$port = $this->config->getInteger('ldap.port', 389);
$enable_tls = $this->config->getBoolean('ldap.enable_tls', false);
$debug = $this->config->getBoolean('ldap.debug', false);
+ $referrals = $this->config->getBoolean('ldap.referrals', true);
$timeout = $this->config->getInteger('ldap.timeout', 0);
$username = $this->config->getString('ldap.username', null);
$password = $this->config->getString('ldap.password', null);
@@ -273,13 +277,14 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce
' Port: ' . $port .
' Enable TLS: ' . ($enable_tls ? 'Yes' : 'No') .
' Debug: ' . ($debug ? 'Yes' : 'No') .
+ ' Referrals: ' . ($referrals ? 'Yes' : 'No') .
' Timeout: ' . $timeout .
' Username: ' . $username .
' Password: ' . str_repeat('*', strlen($password))
);
// Connect to the LDAP server to be queried during processing
- $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port);
+ $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port, $referrals);
$this->ldap->bind($username, $password);
// All done