diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2008-02-15 09:55:56 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2008-02-15 09:55:56 +0100 |
| commit | 02cc92970191a8f6f08ce3a22d13e87a7053608f (patch) | |
| tree | 192e68e42a49bb251a50be775c7639981c490947 | |
| parent | 35a562605f3f00c149a28fc42c85ab76f28b7497 (diff) | |
| download | rpg-02cc92970191a8f6f08ce3a22d13e87a7053608f.tar.gz rpg-02cc92970191a8f6f08ce3a22d13e87a7053608f.tar.bz2 | |
LDAP backend: try to rebind with current user for getUserData() FS#1053
darcs-hash:20080215085556-7ad00-bcdc77251ad51b80bb4a55956efb7987a9eade32.gz
| -rw-r--r-- | inc/auth/ldap.class.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php index 9fcdc171f..c2e96ba75 100644 --- a/inc/auth/ldap.class.php +++ b/inc/auth/ldap.class.php @@ -137,7 +137,8 @@ class auth_ldap extends auth_basic { * @author Andreas Gohr <andi@splitbrain.org> * @author Trouble * @author Dan Allen <dan.j.allen@gmail.com> - * @auhtor <evaldas.auryla@pheur.org> + * @author <evaldas.auryla@pheur.org> + * @author Stephane Chazelas <stephane.chazelas@emerson.com> * @return array containing user data or false */ function getUserData($user) { @@ -153,8 +154,13 @@ class auth_ldap extends auth_basic { return false; } $this->bound = 2; + }elseif($this->bound == 0) { + // in some cases getUserData is called outside the authentication workflow + // eg. for sending email notification on subscribed pages. This data might not + // be accessible anonymously, so we try to rebind the current user here + $pass = PMA_blowfish_decrypt($_SESSION[DOKU_COOKIE]['auth']['pass'],auth_cookiesalt()); + $this->checkPass($_SESSION[DOKU_COOKIE]['auth']['user'], $pass); } - // with no superuser creds we continue as user or anonymous here $info['user'] = $user; $info['server'] = $this->cnf['server']; |