Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity

connector/ldap: check for blank passwords and return error.

Browse source
This commit is contained in:
rithu john 2017-04-28 14:57:10 -07:00
parent 9b0af83604
commit 58eee98117
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
connector/ldap/ldap.go
View file

@ -345,6 +345,11 @@ func (c *ldapConnector) userEntry(conn *ldap.Conn, username string) (user ldap.E
} }
func (c *ldapConnector) Login(ctx context.Context, s connector.Scopes, username, password string) (ident connector.Identity, validPass bool, err error) { func (c *ldapConnector) Login(ctx context.Context, s connector.Scopes, username, password string) (ident connector.Identity, validPass bool, err error) {
// make this check to avoid anonymous bind to the LDAP server.
if password == "" {
return connector.Identity{}, false, nil
}
var ( var (
// We want to return a different error if the user's password is incorrect vs // We want to return a different error if the user's password is incorrect vs
// if there was an error. // if there was an error.