This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/connector/ldap
Stephan Renatus 6a2d4ab6b4 connectors/ldap: treat 'constraint violation' on bind as bad credentials
Some directory servers (I think it's Oracle) return

    Constraint Violation: Exceed password retry limit. Account locked.

when attempting to login too many times. While constraint violation can
mean many things, we're checking this as an error on BIND, so it's
more likely that something like this has happened than any other thing.

Hence, we should treat it as an "incorrect password" situation, not an
internal error.

It would of course be preferrable to surface more information about this
precise error (and similar ones), but I think this is beyond this small
change.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 10:03:17 +02:00
..
testdata connector/ldap: support the StartTLS flow for secure connections 2017-04-12 15:25:42 -07:00
gen-certs.sh connector/ldap: support the StartTLS flow for secure connections 2017-04-12 15:25:42 -07:00
ldap.go connectors/ldap: treat 'constraint violation' on bind as bad credentials 2018-09-05 10:03:17 +02:00
ldap_test.go password connectors: allow overriding the username attribute (password prompt) 2017-11-09 09:30:03 +01:00