Skip to content
Snippets Groups Projects
Commit ac9d7969 authored by Hans Zandbelt's avatar Hans Zandbelt
Browse files

do not bind to LDAP with an empty password; avoid an issue with some LDAP... 

do not bind to LDAP with an empty password; avoid an issue with some LDAP implementations that consider an empty password a valid anonymous authentication attempt (thanks to: menno.pieters@igi.nl)

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1038 44740490-163a-0410-bde0-09ae8108e29a
parent f9caf568
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
www/auth/login-ldapmulti.php
+ 1
1
View file @ ac9d7969
...@@ -45,7 +45,7 @@ if (isset($_POST['username'])) { ...@@ -45,7 +45,7 @@ if (isset($_POST['username'])) {
$ldap = new SimpleSAML_Auth_LDAP($ldapconfig['hostname'], $ldapconfig['enable_tls']); $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['hostname'], $ldapconfig['enable_tls']);
if (!$ldap->bind($dn, $pwd)) { if (($pwd == "") or (!$ldap->bind($dn, $pwd))) {
SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' failed to authenticate. DN=' . $dn); SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' failed to authenticate. DN=' . $dn);
throw new Exception('Wrong username or password'); throw new Exception('Wrong username or password');
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment