diff options
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/auth_source_ldap.rb | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb index 4f73621d6..43a0fc8bc 100644 --- a/app/models/auth_source_ldap.rb +++ b/app/models/auth_source_ldap.rb @@ -41,8 +41,7 @@ class AuthSourceLdap < AuthSource dn = String.new ldap_con.search( :base => self.base_dn, :filter => object_filter & login_filter, - # only ask for the DN if on-the-fly registration is disabled - :attributes=> (onthefly_register? ? ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail] : ['dn'])) do |entry| + :attributes=> search_attributes) do |entry| dn = entry.dn attrs = get_user_attributes_from_ldap_entry(entry) if onthefly_register? logger.debug "DN found for #{login}: #{dn}" if logger && logger.debug? @@ -95,6 +94,16 @@ class AuthSourceLdap < AuthSource ] end + # Return the attributes needed for the LDAP search. It will only + # include the user attributes if on-the-fly registration is enabled + def search_attributes + if onthefly_register? + ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail] + else + ['dn'] + end + end + # Check if a DN (user record) authenticates with the password def authenticate_dn(dn, password) if dn.present? && password.present? |