Commit fa3d894df381d8299f82e3e206cf88038a107fc0

Authored by Conrad Vermeulen
1 parent 1b6f1e18

KTS-3752

"CLONE -Authentication problem: (many) users can login without a correct password (SUP-1086)"
Fixed. 

Committed By: Conrad Vermeulen
Reviewed By: megan watson

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@9416 c91229c3-7414-0410-bfa2-8a42b809f60b
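--- a/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php
+++ b/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php
@@ -741,6 +741,10 @@ class KTLDAPBaseAuthenticator extends Authenticator {
 */
 function checkPassword($oUser, $sPassword) {
 $dn = $oUser->getAuthenticationDetails();
+if (is_null($dn))
+{
+return new PEAR_Error(_kt('Please consult your system administrator. The authentication parameters are corrupt. (authentication_detail_s1 is null)'));
+}
 $config = array(
 'host' => $this->sLdapServer,
 'base' => $this->sBaseDN,
@@ -796,11 +800,15 @@ class KTLDAPBaseAuthenticator extends Authenticator {
 return $aResults;
 }
 foreach($aResults as $aEntry){
-if($aEntry['sAMAccountName'] == $sName){
+if (strcasecmp($aEntry['sAMAccountName'], $sName) == 0) {
 $newDn = $aEntry['dn'];
 break;
 }
 }
+if (empty($newDn))
+{
+return false;
+}
 
 $res = $this->oLdap->reBind($newDn, $sPassword);
 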
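Review bot: The new guard at the top of `checkPassword` rejects only a null DN, so an empty-string value from `getAuthenticationDetails()` still passes it, while the second hunk tests `empty($newDn)`; use the same test in both places, `if (empty($dn))`. This matters because an LDAP simple bind with an empty DN or an empty password is commonly accepted by the server as an anonymous or unauthenticated bind and reported as success, which matches the symptom in the commit title. Nothing in the visible lines rejects an empty `$sPassword` before `reBind($newDn, $sPassword)`; the function body continues outside these hunks, so if it is not checked there, add `if (is_null($sPassword) || $sPassword === '') { return false; }` ahead of the bind. The error string also shows the storage field name `authentication_detail_s1` to whoever is at the login form; consider logging that detail and returning a generic message instead.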