Commit bb6e45a7fc24475d4e22405c073889dec7f88acc
1 parent
7cb788c8
added check for null password- so we don't ldap bind anonymously
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1631 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
lib/authentication/LDAPAuthenticator.inc
| ... | ... | @@ -59,7 +59,7 @@ class LDAPAuthenticator extends Authenticator { |
| 59 | 59 | if ($this->oLdap->connect()) { |
| 60 | 60 | // lookup dn from username - must exist in db |
| 61 | 61 | $sBindDn = lookupField($default->owl_users_table, "ldap_dn", "username", $sUserName); |
| 62 | - if ($sBindDn) { | |
| 62 | + if ($sBindDn && $sPassword) { | |
| 63 | 63 | if ( $this->oLdap->authBind($sBindDn, $sPassword) ) { |
| 64 | 64 | return true; |
| 65 | 65 | } else { | ... | ... |