Turns out that passing null as username and password in ldap_bind()
breaks anonymous ldap_bind(). Sigh. Be a little more careful.
This commit is contained in:
parent
6db001616b
commit
ae71692819
@ -41,7 +41,7 @@ $config["ldap"] = array(
|
|||||||
"url" => "ldaps://ldap.corp.google.com/",
|
"url" => "ldaps://ldap.corp.google.com/",
|
||||||
"group_domain" => "ou=Posix,ou=Groups,dc=google,dc=com",
|
"group_domain" => "ou=Posix,ou=Groups,dc=google,dc=com",
|
||||||
"user_domain" => "ou=People,dc=google,dc=com",
|
"user_domain" => "ou=People,dc=google,dc=com",
|
||||||
"bind_rdn" => NULL,
|
"bind_rdn" => null,
|
||||||
"bind_password" => NULL,
|
"bind_password" => null,
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
@ -31,7 +31,11 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
|
|||||||
self::$_params = $params;
|
self::$_params = $params;
|
||||||
self::$_connection = ldap_connect(self::$_params["url"]);
|
self::$_connection = ldap_connect(self::$_params["url"]);
|
||||||
ldap_set_option(self::$_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
ldap_set_option(self::$_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
|
if (self::$_params["bind_rdn"]) {
|
||||||
ldap_bind(self::$_connection, self::$_params["bind_rdn"], self::$_params["bind_password"]);
|
ldap_bind(self::$_connection, self::$_params["bind_rdn"], self::$_params["bind_password"]);
|
||||||
|
} else {
|
||||||
|
ldap_bind(self::$_connection);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Reference in New Issue
Block a user