Disconnect from LDAP when error occurs, and enable cache management even with Multi backend (#664)
parent
509e8fcf23
commit
941c27631c
|
@ -10,13 +10,13 @@ use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
|
|||
use Lemonldap::NG::Portal::_WebForm;
|
||||
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
|
||||
|
||||
our $VERSION = '1.2.0';
|
||||
our $VERSION = '1.4.0';
|
||||
use base qw(Lemonldap::NG::Portal::_WebForm);
|
||||
|
||||
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
|
||||
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
|
||||
|
||||
## @apmethod int authInit()
|
||||
## @apmethod int authInit()
|
||||
# Set _authnLevel
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authInit {
|
||||
|
@ -51,6 +51,12 @@ sub authenticate {
|
|||
$self->{oldpassword} = $self->{password}
|
||||
if ( $res == PE_PP_CHANGE_AFTER_RESET );
|
||||
|
||||
# Unbind if there was an error
|
||||
unless ( $res == PE_OK ) {
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
}
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
||||
|
@ -60,7 +66,8 @@ sub authenticate {
|
|||
sub authFinish {
|
||||
my $self = shift;
|
||||
|
||||
$self->ldap->unbind();
|
||||
$self->ldap->unbind if $self->ldap;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
|
||||
PE_OK;
|
||||
}
|
||||
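Review bot: The new error path in `authenticate` calls `$self->ldap->unbind` without the `if $self->ldap` guard that this same commit adds in `authFinish`. If the accessor can return a false value, which that guard implies, a failed connection would end in a method call on a non-object. The same unguarded pair appears in the `modifyPassword` and `search` sections of this commit. The guard in `authFinish` has its own cost: judging by the `ldap` accessor changed in this commit, calling `$self->ldap` while `ldapActive` is 0 opens and binds a new connection, so after an earlier error path the portal would reconnect only to unbind. Testing the cached handle directly avoids both, e.g. `$self->{ldap}->unbind if ref( $self->{ldap} ) and $self->{flags}->{ldapActive};` followed by `$self->{flags}->{ldapActive} = 0;`.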
|
|
|
@ -12,12 +12,12 @@ use Lemonldap::NG::Portal::UserDBLDAP; #inherits
|
|||
|
||||
#inherits Lemonldap::NG::Portal::_SMTP
|
||||
|
||||
our $VERSION = '1.2.0';
|
||||
our $VERSION = '1.4.0';
|
||||
|
||||
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
|
||||
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
|
||||
|
||||
## @apmethod int passwordDBInit()
|
||||
## @apmethod int passwordDBInit()
|
||||
# Load SMTP functions
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub passwordDBInit {
|
||||
|
@ -57,7 +57,11 @@ sub modifyPassword {
|
|||
$self->{confirmpassword}, $self->{oldpassword}
|
||||
);
|
||||
|
||||
return $code unless ( $code == PE_PASSWORD_OK );
|
||||
unless ( $code == PE_PASSWORD_OK ) {
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return $code;
|
||||
}
|
||||
|
||||
# If password policy and force reset, set reset flag
|
||||
if ( $self->{ldapPpolicyControl}
|
||||
|
@ -80,7 +84,9 @@ sub modifyPassword {
|
|||
. $result->code,
|
||||
'error'
|
||||
);
|
||||
$code = PE_LDAPERROR;
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
|
||||
$self->lmLog(
|
||||
|
@ -91,6 +97,8 @@ sub modifyPassword {
|
|||
);
|
||||
}
|
||||
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return $code;
|
||||
}
|
||||
|
||||
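Review bot: `modifyPassword` now repeats the pair `$self->ldap->unbind; $self->{flags}->{ldapActive} = 0;` at three separate exits (the `PE_PASSWORD_OK` check, the `PE_LDAPERROR` branch and the final return). The cache in the `ldap` accessor is only correct if the handle and the flag always change together. A small private helper that does both, called before each `return`, keeps them in sync and gives one place to guard against a missing handle. The function starts before the first hunk, and the helper name below is a suggestion only.

```perl
# Close the cached LDAP connection and mark it unusable, so that the
# next call to ldap() opens and binds a fresh one.
sub _ldapClose {
    my $self = shift;
    $self->{ldap}->unbind
      if ref( $self->{ldap} ) and $self->{flags}->{ldapActive};
    $self->{flags}->{ldapActive} = 0;
}

# … unchanged: modifyPassword up to the userModifyPassword call …
    unless ( $code == PE_PASSWORD_OK ) {
        $self->_ldapClose;
        return $code;
    }
# … unchanged: ppolicy reset handling; the PE_LDAPERROR branch and the final return call $self->_ldapClose the same way …
```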
|
|
|
@ -87,16 +87,22 @@ sub search {
|
|||
);
|
||||
if ( $mesg->code() != 0 ) {
|
||||
$self->lmLog( 'LDAP Search error: ' . $mesg->error, 'error' );
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
if ( $mesg->count() > 1 ) {
|
||||
$self->lmLog( 'More than one entry returned by LDAP directory',
|
||||
'error' );
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
unless ( $self->{entry} = $mesg->entry(0) ) {
|
||||
my $user = $self->{mail} || $self->{user};
|
||||
$self->_sub( 'userError', "$user was not found in LDAP directory" );
|
||||
$self->ldap->unbind;
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
$self->{dn} = $self->{entry}->dn();
|
||||
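Review bot: `search` now closes the shared connection on every non-success outcome, including the ordinary not-found and more-than-one-entry results, and nothing in the visible lines documents that side effect for the modules that alias it as `_search`. Because the `ldap` accessor reconnects and binds whenever `ldapActive` is 0, each lookup of an unknown login presumably costs a new connect and bind on the next LDAP call, which is worth measuring against the directory under a burst of failed logins. I would add a comment on the sub such as `# Unbinds and clears ldapActive on every return other than success`, and consider keeping the connection open in the two `PE_BADCREDENTIALS` branches if the multi-backend cache does not need it closed there. The start of `search` and its header comment are outside the hunk.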
|
|
|
@ -451,25 +451,23 @@ sub userModifyPassword {
|
|||
# @return Lemonldap::NG::Portal::_LDAP object
|
||||
sub ldap {
|
||||
my $self = shift;
|
||||
unless ( $self->{_multi} ) {
|
||||
return $self->{ldap} if ( ref( $self->{ldap} ) );
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "LDAP Cache disabled in multi mode", 'debug' );
|
||||
}
|
||||
return $self->{ldap} if ( ref( $self->{ldap} ) and $self->{flags}->{ldapActive} );
|
||||
if ( $self->{ldap} = Lemonldap::NG::Portal::_LDAP->new($self)
|
||||
and my $mesg = $self->{ldap}->bind )
|
||||
{
|
||||
if ( $mesg->code != 0 ) {
|
||||
$self->lmLog( "LDAP error: " . $mesg->error, 'error' );
|
||||
$self->{ldap}->unbind;
|
||||
}
|
||||
else {
|
||||
if ( $self->{ldapPpolicyControl}
|
||||
and not $self->{ldap}->loadPP() )
|
||||
{
|
||||
$self->lmLog( "LDAP password policy error", 'error' );
|
||||
$self->{ldap}->unbind;
|
||||
}
|
||||
else {
|
||||
$self->{flags}->{ldapActive} = 1;
|
||||
return $self->{ldap};
|
||||
}
|
||||
}
|
||||
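Review bot: The cached handle is now returned whenever `$self->{flags}->{ldapActive}` is set, with the multi-mode exception removed, so correctness rests on every caller clearing the flag before another backend uses `$self`; that invariant is not written down anywhere in the hunk. If a Multi stack can hold LDAP backends with different server or bind settings (not visible here), a path that forgets to clear the flag would hand the next backend a connection to the previous directory. The two failure branches here also call `$self->{ldap}->unbind` without `$self->{flags}->{ldapActive} = 0;`, which is worth adding after each unbind so the accessor never depends on the flag's earlier state. A comment above the early return, e.g. `# Reuse only while ldapActive is set; every error and finish path must clear it`, would document the contract. The body of `ldap` continues past the end of the hunk.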
|
|