35 |
35 |
return nil if login.blank? || password.blank?
|
36 |
36 |
attrs = []
|
37 |
37 |
# get user's DN
|
38 |
|
ldap_con = initialize_ldap_con(self.account, self.account_password)
|
|
38 |
if self.account.include? "$login" then
|
|
39 |
logger.debug "LDAP-Auth with User login"
|
|
40 |
ldap_con = initialize_ldap_con(self.account.sub("$login", login), password)
|
|
41 |
else
|
|
42 |
logger.debug "LDAP-Auth with Admin User"
|
|
43 |
ldap_con = initialize_ldap_con(self.account, self.account_password)
|
|
44 |
end
|
39 |
45 |
login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
|
40 |
46 |
object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
|
41 |
47 |
dn = String.new
|
... | ... | |
50 |
56 |
:auth_source_id => self.id ] if onthefly_register?
|
51 |
57 |
end
|
52 |
58 |
return nil if dn.empty?
|
53 |
|
logger.debug "DN found for #{login}: #{dn}" if logger && logger.debug?
|
54 |
|
# authenticate user
|
55 |
|
ldap_con = initialize_ldap_con(dn, password)
|
56 |
|
return nil unless ldap_con.bind
|
57 |
|
# return user's attributes
|
58 |
|
logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
|
|
59 |
if not self.account.include? "$login" then
|
|
60 |
logger.debug "DN found for #{login}: #{dn}" if logger && logger.debug?
|
|
61 |
# authenticate user
|
|
62 |
ldap_con = initialize_ldap_con(dn, password)
|
|
63 |
return nil unless ldap_con.bind
|
|
64 |
# return user's attributes
|
|
65 |
logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
|
|
66 |
end
|
59 |
67 |
attrs
|
60 |
68 |
rescue Net::LDAP::LdapError => text
|
61 |
69 |
raise "LdapError: " + text
|
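Review bot: In the `$login` branch (new line 40) the user-supplied `login` is substituted into the bind DN unescaped, so DN metacharacters such as `,`, `=` or `+` change the DN the server receives, and `String#sub` also interprets backslash sequences in a replacement string. Escape the value for DN context first and use the block form, e.g. `ldap_con = initialize_ldap_con(self.account.sub("$login") { escaped_login }, password)`, where `escaped_login` is a placeholder for the escaped value. That branch also skips the explicit `return nil unless ldap_con.bind` (new lines 59-66), so the authentication result rests on the search between the two hunks, which is not visible here; binding explicitly right after the connection is built would make that decision unambiguous. The new `logger.debug` calls at new lines 39 and 42 lack the `if logger && logger.debug?` guard used elsewhere in the method, which starts and ends outside the visible lines.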