mainnika/nginx-auth-ldap
1
0
Fork 0
mirror of https://github.com/mainnika/nginx-auth-ldap.git synced 2026-05-22 15:53:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix authentication for user/group validations

Browse Source 
This fixes issue #40.  User passwords should *always* be checked during authentication (except when a user fails to satisfy given requirements).  Previously, the PHASE_CHECK_BIND step of authentication would not check passwords in any LDAP configuration where ``require valid_user`` was not specified (eg using ``require user`` or ``require group``).
This commit is contained in:
David Beitey
2014-03-19 15:44:20 +10:00
parent 93cd9f094a
commit 0cc183bedd
1 changed files with 0 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ngx_http_auth_ldap_module.c
-5
View File
@@ -1708,11 +1708,6 @@ ngx_http_auth_ldap_authenticate(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t
}
}
if (ctx->server->require_valid_user == 0) {
ctx->phase = PHASE_NEXT;
break;
}
/* Initiate bind using the found DN and request password */
rc = ngx_http_auth_ldap_check_bind(r, ctx);
if (rc == NGX_AGAIN) {