Attachment #8398 for bug #43384

(-)a/saml/univention-saml/simplesamlphp-modules/uldap/lib/Auth/Source/uLDAP.php (-8 / +8 lines)

Lines 54-66 class sspmod_uldap_Auth_Source_uLDAP extends sspmod_core_Auth_UserPassBase {	Link Here

		assert('is_string($password)');

		assert('is_string($password)');

		try {

		try {

			return $this->ldapConfig->login($username, $password, $sasl_args);

			$attributes = $this->ldapConfig->login($username, $password, $sasl_args);

		} catch (SimpleSAML_Error_Error $e) {

		} catch (SimpleSAML_Error_Error $e) {

			if ($e->getMessage() == 'WRONGUSERPASS') {

			if ($e->getMessage() == 'WRONGUSERPASS') {

				$this->throw_common_login_errors($username);

				$user_dn = $this->ldap->searchfordn($this->config['search.base'], $this->config['search.attributes'], $username, TRUE);

				$attributes = $this->ldap->getAttributes($user_dn);

				$this->throw_common_login_errors($attributes);

			throw $e;

			throw $e;

		$this->throw_common_login_errors($attributes);

		return $attributes;

Lines 68-80 class sspmod_uldap_Auth_Source_uLDAP extends sspmod_core_Auth_UserPassBase {	Link Here

/**

/**

	 * Investigate login failure

	 * Investigate login failure

	 * @param string $username  The username the user wrote.

	 * @param string $attributes

*/

*/

	private function throw_common_login_errors($username) {

	private function throw_common_login_errors($attributes) {

		assert('is_string($username)');

		$user_dn = $this->ldap->searchfordn($this->config['search.base'], $this->config['search.attributes'], $username, TRUE);

		$attributes = $this->ldap->getAttributes($user_dn);

		SimpleSAML_Logger::debug('got LDAP attributes:' . var_export($attributes, true));

		SimpleSAML_Logger::debug('got LDAP attributes:' . var_export($attributes, true));

		$the_time = time();

		$the_time = time();

Return to bug 43384