Commit c6998e2fcce7db21a2a8aedf25a39a0cfca7a971
1 parent
acd1ba97
KTC-89
"Unregistered Users from Active Directory Authenticated Sources can log onto KT without needing to enter a password. " Fixed. Reviewed By: Conrad git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6568 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
8 additions
and
0 deletions
lib/authentication/authenticationutil.inc.php
| @@ -76,6 +76,14 @@ class KTAuthenticationUtil { | @@ -76,6 +76,14 @@ class KTAuthenticationUtil { | ||
| 76 | $oProvider = KTAuthenticationUtil::getAuthenticationProviderForSource($oSource); | 76 | $oProvider = KTAuthenticationUtil::getAuthenticationProviderForSource($oSource); |
| 77 | $res = $oProvider->autoSignup($sUsername, $sPassword, $aExtra, $oSource); | 77 | $res = $oProvider->autoSignup($sUsername, $sPassword, $aExtra, $oSource); |
| 78 | if ($res) { | 78 | if ($res) { |
| 79 | + $oUser = User::getByUsername($sUsername); | ||
| 80 | + // TODO: The check for this lower down....checkPassword | ||
| 81 | + if(empty($sPassword) || is_null($oUser) || PEAR::isError($oUser)){ | ||
| 82 | + return false; | ||
| 83 | + } | ||
| 84 | + if(!KTAuthenticationUtil::checkPassword($oUser, $sPassword)){ | ||
| 85 | + return false; | ||
| 86 | + } | ||
| 79 | return $res; | 87 | return $res; |
| 80 | } | 88 | } |
| 81 | } | 89 | } |