From 26af2c5aff21cfd8afad900858240ed3465cab85 Mon Sep 17 00:00:00 2001 From: "bbaetz%acm.org" <> Date: Mon, 14 Jul 2003 20:35:09 +0000 Subject: Bug 122365 - Allow installation definable LDAP filters r,a=justdave --- Bugzilla/Auth/LDAP.pm | 4 ++-- defparams.pl | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/Bugzilla/Auth/LDAP.pm b/Bugzilla/Auth/LDAP.pm index 179b5a2c5..c34c3698f 100644 --- a/Bugzilla/Auth/LDAP.pm +++ b/Bugzilla/Auth/LDAP.pm @@ -84,7 +84,7 @@ sub authenticate { # We've got our anonymous bind; let's look up this user. $mesg = $LDAPconn->search( base => Param("LDAPBaseDN"), scope => "sub", - filter => Param("LDAPuidattribute") . "=$username", + filter => '(&(' . Param("LDAPuidattribute") . "=$username)" . Param("LDAPfilter") . ')', attrs => ['dn'], ); return (AUTH_LOGINFAILED, undef, "lookup_failure") @@ -102,7 +102,7 @@ sub authenticate { # mail attribute for this user. $mesg = $LDAPconn->search( base => Param("LDAPBaseDN"), scope => "sub", - filter => Param("LDAPuidattribute") . "=$username", + filter => '(&(' . Param("LDAPuidattribute") . "=$username)" . Param("LDAPfilter") . ')', ); my $user_entry = $mesg->shift_entry if !$mesg->code && $mesg->count; if(!$user_entry || !$user_entry->exists(Param("LDAPmailattribute"))) { diff --git a/defparams.pl b/defparams.pl index 15232ad46..e2dcf7533 100644 --- a/defparams.pl +++ b/defparams.pl @@ -388,6 +388,14 @@ sub check_loginmethod { default => 'mail' }, + { + name => 'LDAPfilter', + desc => 'LDAP filter to AND with the LDAPuidattribute for ' . + 'filtering the list of valid users.', + type => 't', + default => '', + }, + { name => 'loginmethod', desc => 'The type of login authentication to use: -- cgit v1.2.3-24-g4f1b