jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Use the first part of the dn to get the common name in ldap

Browse Source 
It is no must to have the first part named 'cn' but the first
part is always the id we want to verify
This commit is contained in:
Johannes Zellner
2016-01-25 11:31:55 +01:00
parent 63c06a508e
commit 34aab65db3
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/ldap.js
View File

@@ -115,9 +115,11 @@ function start(callback) {
gServer.bind('ou=users,dc=cloudron', function(req, res, next) {
debug('ldap user bind: %s', req.dn.toString());
if (!req.dn.rdns[0].cn) return next(new ldap.NoSuchObjectError(req.dn.toString()));
// extract the common name which might have different attribute names
var commonName = req.dn.rdns[0][Object.keys(req.dn.rdns[0])[0]];
if (!commonName) return next(new ldap.NoSuchObjectError(req.dn.toString()));
user.verify(req.dn.rdns[0].cn, req.credentials || '', function (error, result) {
user.verify(commonName, req.credentials || '', function (error, result) {
if (error && error.reason === UserError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
if (error && error.reason === UserError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString()));
if (error) return next(new ldap.OperationsError(error));