|
@@ -498,7 +498,7 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
|
|
$ldap_query = $ldap_query->rawFilter($iam_settings['filter']);
|
|
$ldap_query = $ldap_query->rawFilter($iam_settings['filter']);
|
|
}
|
|
}
|
|
$ldap_query = $ldap_query->where($iam_settings['username_field'], '=', $user)
|
|
$ldap_query = $ldap_query->where($iam_settings['username_field'], '=', $user)
|
|
- ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname']);
|
|
|
|
|
|
+ ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname', 'cn']);
|
|
|
|
|
|
$user_res = $ldap_query->firstOrFail();
|
|
$user_res = $ldap_query->firstOrFail();
|
|
} catch (Exception $e) {
|
|
} catch (Exception $e) {
|
|
@@ -513,12 +513,15 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
|
|
}
|
|
}
|
|
try {
|
|
try {
|
|
if (!$iam_provider->auth()->attempt($user_res['distinguishedname'][0], $pass)) {
|
|
if (!$iam_provider->auth()->attempt($user_res['distinguishedname'][0], $pass)) {
|
|
- $_SESSION['return'][] = array(
|
|
|
|
- 'type' => 'danger',
|
|
|
|
- 'log' => array(__FUNCTION__, $user, '*', $user_res),
|
|
|
|
- 'msg' => 'ldap_auth_failed'
|
|
|
|
- );
|
|
|
|
- return false;
|
|
|
|
|
|
+ // fallback to cn
|
|
|
|
+ if (!$iam_provider->auth()->attempt($user_res['cn'][0], $pass)) {
|
|
|
|
+ $_SESSION['return'][] = array(
|
|
|
|
+ 'type' => 'danger',
|
|
|
|
+ 'log' => array(__FUNCTION__, $user, '*', $user_res),
|
|
|
|
+ 'msg' => 'ldap_auth_failed'
|
|
|
|
+ );
|
|
|
|
+ return false;
|
|
|
|
+ }
|
|
}
|
|
}
|
|
} catch (Exception $e) {
|
|
} catch (Exception $e) {
|
|
// clear $_SESSION['return'] to not leak data
|
|
// clear $_SESSION['return'] to not leak data
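Review bot: The fallback bind `attempt($user_res['cn'][0], $pass)` authenticates with a bare `cn`, which is neither a DN nor guaranteed unique, so depending on how the directory resolves non-DN bind names the password may be verified against a different entry than the `$user_res` this function goes on to treat as authenticated. `cn` is also read without checking that the attribute came back from the `select([... 'cn'])` added in the first hunk; a guard such as `if (empty($user_res['cn'][0]) || !$iam_provider->auth()->attempt($user_res['cn'][0], $pass)) {` keeps an entry without `cn` on the ordinary `ldap_auth_failed` path. Every wrong password now triggers two bind attempts, which presumably counts twice toward any directory-side lockout threshold, so the one-word comment should be expanded, e.g. `// fallback: some directories reject the DN bind; retry with cn (adds a second bind per failed login)`. The enclosing try/catch and the rest of `ldap_mbox_login` lie outside the hunk, so how the caught exception is handled cannot be confirmed from here.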
|