Commit f25c43a1 authored by Hamza HRAMCHI's avatar Hamza HRAMCHI
Browse files

Merge branch 'fix/21337/develop' into 'develop'

[21337] LDAP Anonyme : tout utilisateur en base peut s'authentifier sans tenir compte du mot de passe

See merge request maarch/MaarchParapheur!145
parents a3a109ab 08a8f560
......@@ -136,7 +136,15 @@ class AuthenticationController
$error = 'Ldap search failed : baseDN is maybe wrong => ' . ldap_error($ldap);
continue;
}
$entries = ldap_get_entries($ldap, $search);
$entries = @ldap_get_entries($ldap, $search);
if ($entries === false) {
$error = 'Ldap fetching failed : ' . ldap_error($ldap);
continue;
}
if ($entries['count'] < 1) {
$error = 'No entries found in ldap search : invalid user DN or ldap configuration';
continue;
}
$ldapLogin = $entries[0]['dn'];
}
$authenticated = @ldap_bind($ldap, $ldapLogin, $body['password']);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment