author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-02-19 17:00:49 +0000 |
---|---|---|
committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-02-19 17:00:49 +0000 |
commit | c6b2f1d606c1a54d269935d13884f5b7f8745bbc (patch) | |
tree | 557aff6b89880f4d86b2df87f959ecce140ce529 /app/models/auth_source_ldap.rb | |
parent | d828122009cdaaf5f84dd178798e4901f07c326e (diff) | |
Refactor: Extract #get_user_dn from AuthSourceLdap.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3454 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/auth_source_ldap.rb')
-rw-r--r-- | app/models/auth_source_ldap.rb | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb
index 43a0fc8bc..1378d004d 100644
--- a/app/models/auth_source_ldap.rb
+++ b/app/models/auth_source_ldap.rb
@@ -33,22 +33,9 @@ class AuthSourceLdap < AuthSource
 def authenticate(login, password)
 return nil if login.blank? || password.blank?
- attrs = []
- # get user's DN
- ldap_con = initialize_ldap_con(self.account, self.account_password)
- login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
- object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
- dn = String.new
- ldap_con.search( :base => self.base_dn,
- :filter => object_filter & login_filter,
- :attributes=> search_attributes) do |entry|
- dn = entry.dn
- attrs = get_user_attributes_from_ldap_entry(entry) if onthefly_register?
- logger.debug "DN found for #{login}: #{dn}" if logger && logger.debug?
-
- end
-
- if authenticate_dn(dn, password)
+ attrs = get_user_dn(login)
+
+ if attrs.first && attrs.first[:dn] && authenticate_dn(attrs.first[:dn], password)
 logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
 return attrs
 end
@@ -87,6 +74,7 @@ class AuthSourceLdap < AuthSource
 def get_user_attributes_from_ldap_entry(entry)
 [
+ :dn => entry.dn,
 :firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname),
 :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname),
 :mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
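Review bot: The array returned by `return attrs` in authenticate now carries a `:dn` key, and it is non-empty even when on-the-fly registration is off, where the removed code returned `[]`. The key comes from the `:dn => entry.dn` line added to get_user_attributes_from_ldap_entry and from `attrs = [:dn => entry.dn]` in get_user_dn, so a commit labelled as a refactor changes what callers receive. If a caller outside this diff feeds the hash into user creation, the directory DN would travel with it; I would take it out before the bind with `dn = attrs.first && attrs.first.delete(:dn)` and pass `dn` to authenticate_dn. The no-registration case would then still need to return `[]` to match the old contract. authenticate's body continues past the end of the hunk.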
@@ -110,6 +98,29 @@ class AuthSourceLdap < AuthSource
 initialize_ldap_con(dn, password).bind
 end
 end
+
+ # Get the user's dn and any attributes for them, given their login
+ def get_user_dn(login)
+ ldap_con = initialize_ldap_con(self.account, self.account_password)
+ login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
+ object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
+ attrs = []
+
+ ldap_con.search( :base => self.base_dn,
+ :filter => object_filter & login_filter,
+ :attributes=> search_attributes) do |entry|
+
+ if onthefly_register?
+ attrs = get_user_attributes_from_ldap_entry(entry)
+ else
+ attrs = [:dn => entry.dn]
+ end
+
+ logger.debug "DN found for #{login}: #{attrs.first[:dn]}" if logger && logger.debug?
+ end
+
+ attrs
+ end
 def self.get_attr(entry, attr_name)
 if !attr_name.blank? |
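Review bot: In get_user_dn the search block reassigns `attrs` for every entry the directory returns, so if the filter matches more than one entry the last one silently supplies the DN that authenticate binds with. `login` is passed to `Net::LDAP::Filter.eq` exactly as submitted, and as far as I know `eq` does not escape filter metacharacters in the value, so the set of matching entries is partly under the control of whoever fills in the login form. I would escape the value before building the filter (newer net-ldap releases provide `Net::LDAP::Filter.escape`; confirm the bundled version has it) and return an empty array unless exactly one entry was found. The method comment could also state that the result is an array of at most one hash that always includes `:dn`.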