Lines 54-66
class sspmod_uldap_Auth_Source_uLDAP extends sspmod_core_Auth_UserPassBase {
|
Link Here
|
---|
|
54 |
assert('is_string($password)'); |
54 |
assert('is_string($password)'); |
55 |
|
55 |
|
56 |
try { |
56 |
try { |
57 |
return $this->ldapConfig->login($username, $password, $sasl_args); |
57 |
$attributes = $this->ldapConfig->login($username, $password, $sasl_args); |
58 |
} catch (SimpleSAML_Error_Error $e) { |
58 |
} catch (SimpleSAML_Error_Error $e) { |
59 |
if ($e->getMessage() == 'WRONGUSERPASS') { |
59 |
if ($e->getMessage() == 'WRONGUSERPASS') { |
60 |
$this->throw_common_login_errors($username); |
60 |
$user_dn = $this->ldap->searchfordn($this->config['search.base'], $this->config['search.attributes'], $username, TRUE); |
|
|
61 |
$attributes = $this->ldap->getAttributes($user_dn); |
62 |
$this->throw_common_login_errors($attributes); |
61 |
} |
63 |
} |
62 |
throw $e; |
64 |
throw $e; |
63 |
} |
65 |
} |
|
|
66 |
$this->throw_common_login_errors($attributes); |
67 |
return $attributes; |
64 |
|
68 |
|
65 |
} |
69 |
} |
66 |
|
70 |
|
Lines 68-80
class sspmod_uldap_Auth_Source_uLDAP extends sspmod_core_Auth_UserPassBase {
|
Link Here
|
---|
|
68 |
/** |
72 |
/** |
69 |
* Investigate login failure |
73 |
* Investigate login failure |
70 |
* |
74 |
* |
71 |
* @param string $username The username the user wrote. |
75 |
* @param string $attributes |
72 |
*/ |
76 |
*/ |
73 |
private function throw_common_login_errors($username) { |
77 |
private function throw_common_login_errors($attributes) { |
74 |
assert('is_string($username)'); |
|
|
75 |
|
76 |
$user_dn = $this->ldap->searchfordn($this->config['search.base'], $this->config['search.attributes'], $username, TRUE); |
77 |
$attributes = $this->ldap->getAttributes($user_dn); |
78 |
SimpleSAML_Logger::debug('got LDAP attributes:' . var_export($attributes, true)); |
78 |
SimpleSAML_Logger::debug('got LDAP attributes:' . var_export($attributes, true)); |
79 |
|
79 |
|
80 |
$the_time = time(); |
80 |
$the_time = time(); |