Merge pull request #933 from rithujohn191/ldap-fix
connector/ldap: check for blank passwords and return error.
This commit is contained in:
commit
a7097c80e3
1 changed files with 5 additions and 0 deletions
|
@ -359,6 +359,11 @@ func (c *ldapConnector) userEntry(conn *ldap.Conn, username string) (user ldap.E
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *ldapConnector) Login(ctx context.Context, s connector.Scopes, username, password string) (ident connector.Identity, validPass bool, err error) {
|
func (c *ldapConnector) Login(ctx context.Context, s connector.Scopes, username, password string) (ident connector.Identity, validPass bool, err error) {
|
||||||
|
// make this check to avoid anonymous bind to the LDAP server.
|
||||||
|
if password == "" {
|
||||||
|
return connector.Identity{}, false, nil
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
// We want to return a different error if the user's password is incorrect vs
|
// We want to return a different error if the user's password is incorrect vs
|
||||||
// if there was an error.
|
// if there was an error.
|
||||||
|
|
Reference in a new issue