From 90159ef1cf1dbcb1a59a5f786b3c68d86ceddc9c Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Fri, 22 Jan 2016 18:16:00 +0000
Subject: [PATCH] Do not bind when the account contains $login (#21674).

git-svn-id: http://svn.redmine.org/redmine/trunk@15090 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/models/auth_source_ldap.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb
index 6dda73d9f..abbb46617 100644
--- a/app/models/auth_source_ldap.rb
+++ b/app/models/auth_source_ldap.rb
@@ -62,7 +62,7 @@ class AuthSourceLdap < AuthSource
       ldap_con = initialize_ldap_con(self.account, self.account_password)
       ldap_con.open { }
 
-      if self.account.present? && self.account_password.present?
+      if self.account.present? && !self.account.include?("$login") && self.account_password.present?
         ldap_auth = authenticate_dn(self.account, self.account_password)
         raise AuthSourceException.new(l(:error_ldap_bind_credentials)) if !ldap_auth
       end
-- 
2.39.5