stable
Clone or download
Read-only
request #13256: The bind to the LDAP directory should not be kept after having authenticated a user
Currently, once Tuleap has authenticated a user the bind is kept and all remaining LDAP queries for the process are done with it. This can cause issues when the user that tries to authenticate has less rights than the account defined by the sys_ldap_bind_dn setting. After having having authenticated a user, Tuleap should unbind from the directory and if necessary re-bind itself with the information defined in the ldap.inc. The LDAP plugin also did not took into account that LDAP::search() might return false. This is now handled to avoid potential fatal errors when a LDAP query fails for some reason. Change-Id: I42352bec52406f329463ffcb7145c838d76df29a
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/ldap/include/LDAP.class.php | +31 | −31 | Go to diff View file |
| M | plugins/ldap/include/LDAP_SearchPeople.class.php | +1 | −1 | Go to diff View file |
| M | plugins/ldap/include/LDAP_UserManager.class.php | +5 | −1 | Go to diff View file |
| M | plugins/ldap/include/LDAP_UserWrite.class.php | +2 | −2 | Go to diff View file |
| M | plugins/ldap/include/ldapPlugin.class.php | +8 | −1 | Go to diff View file |