Merged in from STABLE trunk.

KTS-3752 "CLONE -Authentication problem: (many) users can login without a correct password (SUP-1086)" Fixed. Committed By: Conrad Vermeulen Reviewed By: megan watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/branches/3.5.3a-Release-Branch@9419 c91229c3-7414-0410-bfa2-8a42b809f60b

Merged in from STABLE trunk.
KTS-3752 "CLONE -Authentication problem: (many) users can login without a correct password (SUP-1086)" Fixed. Committed By: Conrad Vermeulen Reviewed By: megan watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/branches/3.5.3a-Release-Branch@9419 c91229c3-7414-0410-bfa2-8a42b809f60b
kevin_fourie
1 parent 5d48768c
Showing 1 changed file with 9 additions and 1 deletions
plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php
@@ -741,6 +741,10 @@ class KTLDAPBaseAuthenticator extends Authenticator {
      */
     function checkPassword($oUser, $sPassword) {
         $dn = $oUser->getAuthenticationDetails();
+        if (is_null($dn))
+        {
+            return new PEAR_Error(_kt('Please consult your system administrator. The authentication parameters are corrupt. (authentication_detail_s1 is null)'));
+        }
         $config = array(
             'host' => $this->sLdapServer,
             'base' => $this->sBaseDN,
@@ -796,11 +800,15 @@ class KTLDAPBaseAuthenticator extends Authenticator {
             return $aResults;
         }
         foreach($aResults as $aEntry){
-            if($aEntry['sAMAccountName'] == $sName){
+            if (strcasecmp($aEntry['sAMAccountName'], $sName) == 0) {
                 $newDn = $aEntry['dn'];
                 break;
             }
         }
+        if (empty($newDn))
+        {
+            return false;
+        }
  
         $res = $this->oLdap->reBind($newDn, $sPassword);