mirror of
https://github.com/librenms/librenms.git
synced 2024-09-21 10:28:13 +00:00
Handle ad/ldap authorizer search error (#16139)
* Handle ldap authorizer search error * Update LdapAuthorizationAuthorizer.php * More ldap failure checks
This commit is contained in:
parent
6bd55dce25
commit
473cbcc508
@ -78,6 +78,9 @@ class ADAuthorizationAuthorizer extends MysqlAuthorizer
|
||||
$this->userFilter($username),
|
||||
['samaccountname']
|
||||
);
|
||||
if ($search === false) {
|
||||
throw new AuthenticationException('User search failed: ' . ldap_error($this->ldap_connection));
|
||||
}
|
||||
$entries = ldap_get_entries($this->ldap_connection, $search);
|
||||
|
||||
if ($entries['count']) {
|
||||
@ -151,6 +154,9 @@ class ADAuthorizationAuthorizer extends MysqlAuthorizer
|
||||
$this->userFilter($username),
|
||||
$attributes
|
||||
);
|
||||
if ($search === false) {
|
||||
throw new AuthenticationException('Role search failed: ' . ldap_error($this->ldap_connection));
|
||||
}
|
||||
$entries = ldap_get_entries($this->ldap_connection, $search);
|
||||
|
||||
if ($entries['count']) {
|
||||
|
@ -95,6 +95,9 @@ class LdapAuthorizationAuthorizer extends AuthorizerBase
|
||||
|
||||
$filter = '(' . Config::get('auth_ldap_prefix') . $username . ')';
|
||||
$search = ldap_search($this->ldap_connection, trim(Config::get('auth_ldap_suffix'), ','), $filter);
|
||||
if ($search === false) {
|
||||
throw new AuthenticationException('User search failed: ' . ldap_error($this->ldap_connection));
|
||||
}
|
||||
$entries = ldap_get_entries($this->ldap_connection, $search);
|
||||
if ($entries['count']) {
|
||||
/*
|
||||
@ -125,6 +128,9 @@ class LdapAuthorizationAuthorizer extends AuthorizerBase
|
||||
// Find all defined groups $username is in
|
||||
$filter = '(&(|(cn=' . implode(')(cn=', array_keys(Config::get('auth_ldap_groups'))) . '))(' . Config::get('auth_ldap_groupmemberattr') . '=' . $this->getMembername($username) . '))';
|
||||
$search = ldap_search($this->ldap_connection, Config::get('auth_ldap_groupbase'), $filter);
|
||||
if ($search === false) {
|
||||
throw new AuthenticationException('Role search failed: ' . ldap_error($this->ldap_connection));
|
||||
}
|
||||
$entries = ldap_get_entries($this->ldap_connection, $search);
|
||||
|
||||
$authLdapGroups = Config::get('auth_ldap_groups');
|
||||
|
Loading…
Reference in New Issue
Block a user