-rw-r--r-- | src/main/java/com/gitblit/auth/LdapAuthProvider.java | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/main/java/com/gitblit/auth/LdapAuthProvider.java b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
index 7a6b74df..67d98c7f 100644
--- a/src/main/java/com/gitblit/auth/LdapAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
@@ -162,15 +162,20 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
 String bindUserName = settings.getString(Keys.realm.ldap.username, "");
 String bindPassword = settings.getString(Keys.realm.ldap.password, "");
-
 LDAPConnection conn;
 if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
 // SSL
 SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
 conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
+ if (ldapPort == -1) {
+ ldapPort = 636;
+ }
 } else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
 // no encryption or StartTLS
 conn = new LDAPConnection();
+ if (ldapPort == -1) {
+ ldapPort = 389;
+ }
 } else {
 logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
 return null;
@@ -187,7 +192,11 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
 }
 }
- if (!StringUtils.isEmpty(bindUserName) || !StringUtils.isEmpty(bindPassword)) {
+ if (StringUtils.isEmpty(bindUserName) && StringUtils.isEmpty(bindPassword)) {
+ // anonymous bind
+ conn.bind(new SimpleBindRequest());
+ } else {
+ // authenticated bind
 conn.bind(new SimpleBindRequest(bindUserName, bindPassword));
 } |
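Review bot: The `ldaps` branch that now defaults to port 636 still builds its socket factory from `new TrustAllTrustManager()`, so the server certificate is never validated and the bind credentials read at the top of the hunk can be sent to any host that answers on that port. Consider replacing that line with a validating manager, for example `SSLUtil sslUtil = new SSLUtil(new TrustStoreTrustManager(trustStorePath));`, where `trustStorePath` is a placeholder for a value taken from configuration, and keep trust-all only behind an explicit opt-in setting. The `ldap+tls` path presumably upgrades the connection outside this hunk and would need the same treatment if it reuses an SSLUtil; that code is not visible here. The enclosing method starts and ends outside the hunk.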
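Review bot: The new `else` branch in the second hunk is taken whenever either setting is non-empty, so a half-configured account (user name without password, or the reverse) is sent as `new SimpleBindRequest(bindUserName, bindPassword)` with one empty field. A DN with an empty password is an unauthenticated bind under RFC 4513, which some servers accept as anonymous, so the connection can end up with less privilege than the operator configured and nothing in the log says so. I would add a guard at the top of that branch, `if (StringUtils.isEmpty(bindUserName) || StringUtils.isEmpty(bindPassword)) { logger.error("LDAP bind requires both username and password"); return null; }`, releasing `conn` first if it is already connected at this point (the connect call is outside the hunk). The enclosing method body also continues beyond the hunk.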