diff options
| author | bbaetz%acm.org <> | 2003-07-14 22:35:09 +0200 |
|---|---|---|
| committer | bbaetz%acm.org <> | 2003-07-14 22:35:09 +0200 |
| commit | 26af2c5aff21cfd8afad900858240ed3465cab85 (patch) | |
| tree | a1dc7cff2a65427c3b581cd71d5af9074b4524a0 | |
| parent | 94c8b7f2f167dc002172af42a088beed6685fc31 (diff) | |
| download | bugzilla-26af2c5aff21cfd8afad900858240ed3465cab85.tar.gz bugzilla-26af2c5aff21cfd8afad900858240ed3465cab85.tar.xz | |
Bug 122365 - Allow installation definable LDAP filters
r,a=justdave
| -rw-r--r-- | Bugzilla/Auth/LDAP.pm | 4 | ||||
| -rw-r--r-- | defparams.pl | 8 |
2 files changed, 10 insertions, 2 deletions
diff --git a/Bugzilla/Auth/LDAP.pm b/Bugzilla/Auth/LDAP.pm index 179b5a2c5..c34c3698f 100644 --- a/Bugzilla/Auth/LDAP.pm +++ b/Bugzilla/Auth/LDAP.pm @@ -84,7 +84,7 @@ sub authenticate { # We've got our anonymous bind; let's look up this user. $mesg = $LDAPconn->search( base => Param("LDAPBaseDN"), scope => "sub", - filter => Param("LDAPuidattribute") . "=$username", + filter => '(&(' . Param("LDAPuidattribute") . "=$username)" . Param("LDAPfilter") . ')', attrs => ['dn'], ); return (AUTH_LOGINFAILED, undef, "lookup_failure") @@ -102,7 +102,7 @@ sub authenticate { # mail attribute for this user. $mesg = $LDAPconn->search( base => Param("LDAPBaseDN"), scope => "sub", - filter => Param("LDAPuidattribute") . "=$username", + filter => '(&(' . Param("LDAPuidattribute") . "=$username)" . Param("LDAPfilter") . ')', ); my $user_entry = $mesg->shift_entry if !$mesg->code && $mesg->count; if(!$user_entry || !$user_entry->exists(Param("LDAPmailattribute"))) { diff --git a/defparams.pl b/defparams.pl index 15232ad46..e2dcf7533 100644 --- a/defparams.pl +++ b/defparams.pl @@ -389,6 +389,14 @@ sub check_loginmethod { }, { + name => 'LDAPfilter', + desc => 'LDAP filter to AND with the <tt>LDAPuidattribute</tt> for ' . + 'filtering the list of valid users.', + type => 't', + default => '', + }, + + { name => 'loginmethod', desc => 'The type of login authentication to use: <dl> |