Fix for LDAP authentication with LDAP servers that don't allow anonymous searches
Review Request #4953 — Created Nov. 14, 2013 and submitted
When authenticating a user for login, the current code does an anonymous search to find the user, and then attempts to bind as that user when the search results contain that user. This is a problem since some LDAP servers do not allow anonymous searches. The fix is to still do the anonymous search, but if the search results in no entries, attempt to bind as that user anyway by constructing the DN from the username plus the configured base DN. If the search does contain the user, use the DN in the returned result.
Testing Done: Tested in-house with an LDAP server that doesn't respond to anonymous searches.
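The fallback described above, sketched as an added example (not Review Board's code or the code under review). It assumes the user attribute is `uid` and uses hypothetical `search` and `bind` callables in place of an LDAP client; the escaping and the empty-password check are hardening a reviewer would look for once a DN is built from user input.

```python
# Added illustration, not Review Board's code. search() and bind() are
# hypothetical callables standing in for the LDAP client library.

def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515)."""
    table = {'\\': r'\5c', '*': r'\2a', '(': r'\28', ')': r'\29', '\x00': r'\00'}
    return ''.join(table.get(ch, ch) for ch in value)


def escape_dn_value(value):
    """Escape an attribute value placed inside a DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        if ch in ',+"\\<>;=':
            out.append('\\' + ch)
        elif ch == '\x00':
            out.append('\\00')
        elif (ch == '#' and i == 0) or (ch == ' ' and i in (0, len(value) - 1)):
            out.append('\\' + ch)
        else:
            out.append(ch)
    return ''.join(out)


def resolve_bind_dn(username, base_dn, search, uid_attr='uid'):
    """Use the DN from the anonymous search, else build one from the username."""
    results = search(base_dn, '(%s=%s)' % (uid_attr, escape_filter_value(username)))
    if results:
        return results[0][0]
    # Server returned no entries (for example, anonymous search is refused).
    return '%s=%s,%s' % (uid_attr, escape_dn_value(username), base_dn)


def authenticate(username, password, base_dn, search, bind):
    """Return the bound DN on success, None on failure."""
    # An empty password makes a simple bind "unauthenticated" (RFC 4513),
    # which many servers accept, so reject it before binding.
    if not username or not password:
        return None
    dn = resolve_bind_dn(username, base_dn, search)
    return dn if bind(dn, password) else None


# Constructed sample data: a directory that refuses anonymous searches.
BASE_DN = 'ou=people,dc=example,dc=com'
PASSWORDS = {'uid=alice,' + BASE_DN: 's3cret'}
no_anon_search = lambda base, flt: []
check_bind = lambda dn, pw: PASSWORDS.get(dn) == pw
```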