Ignore any exceptions or errors on the ldap_bind... assume they are password related and just return false as an invalid password. Fixes ticket #864.
This commit is contained in:
parent
7915ba2de9
commit
9963d59e3b
@ -71,7 +71,7 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
|
|||||||
public function is_correct_password($user, $password) {
|
public function is_correct_password($user, $password) {
|
||||||
$connection = ldap_connect(self::$_params["url"]);
|
$connection = ldap_connect(self::$_params["url"]);
|
||||||
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
$lbind = ldap_bind($connection, $user->dn, $password);
|
$lbind = @ldap_bind($connection, $user->dn, $password);
|
||||||
ldap_unbind($connection);
|
ldap_unbind($connection);
|
||||||
|
|
||||||
return ($lbind) ? true : false;
|
return ($lbind) ? true : false;
|
||||||
|
Reference in New Issue
Block a user