From 659fa4697899735d9c8e2c7efa97e64fa78ee35e Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Sat, 5 Jul 2014 10:33:55 +0200
Subject: [PATCH] Fix httpldap auth plugin logic in case of mismatch (user
 authenticated but not in LDAP)

---
 .../dokuwiki/lib/plugins/authhttpldap/auth.php      | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/root/usr/share/dokuwiki/lib/plugins/authhttpldap/auth.php b/root/usr/share/dokuwiki/lib/plugins/authhttpldap/auth.php
index ae07b83..c2ea5b2 100644
--- a/root/usr/share/dokuwiki/lib/plugins/authhttpldap/auth.php
+++ b/root/usr/share/dokuwiki/lib/plugins/authhttpldap/auth.php
@@ -52,14 +52,11 @@ class auth_plugin_authhttpldap extends auth_plugin_authldap {
         $this->_debug('LemonLDAP::NG Login Name: '.htmlspecialchars($username),0,__LINE__,__FILE__);
         if (!empty($username)){
             $USERINFO = $this->getUserData($username,true);
-            $success = true;
-            $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
-            $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
-        }
-        // Deny access if user is not found in LDAP
-        // This should never happen
-        if (!empty($USERINFO['dn'])){
-            $success = false;
+            if ($USERINFO !== false){
+                $success = true;
+                $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
+                $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
+            }
         }
         return $success;
     }