Disable bind
authorMathieu <mbaudier@argeo.org>
Tue, 8 Nov 2022 04:35:11 +0000 (05:35 +0100)
committerMathieu <mbaudier@argeo.org>
Tue, 8 Nov 2022 04:35:11 +0000 (05:35 +0100)
org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java

index 278321c24480de4c08db1debab26301701672d14..2fbf8c232cd2ed89c125f403681a4552e56a11fb 100644 (file)
@@ -155,20 +155,24 @@ public class UserAdminLoginModule implements LoginModule {
                        return true;// expect Kerberos
 
                if (password != null) {
+                       //  TODO disabling bind for the time being,
+                       // as it requires authorisations to be set at LDAP level
+                       boolean tryBind = false;
                        // try bind first
-                       try {
-                               AuthenticatingUser authenticatingUser = new AuthenticatingUser(user.getName(), password);
-                               bindAuthorization = userAdmin.getAuthorization(authenticatingUser);
-                               // TODO check tokens as well
-                               if (bindAuthorization != null) {
-                                       authenticatedUser = user;
-                                       return true;
+                       if (tryBind)
+                               try {
+                                       AuthenticatingUser authenticatingUser = new AuthenticatingUser(user.getName(), password);
+                                       bindAuthorization = userAdmin.getAuthorization(authenticatingUser);
+                                       // TODO check tokens as well
+                                       if (bindAuthorization != null) {
+                                               authenticatedUser = user;
+                                               return true;
+                                       }
+                               } catch (Exception e) {
+                                       // silent
+                                       if (log.isTraceEnabled())
+                                               log.trace("Bind failed", e);
                                }
-                       } catch (Exception e) {
-                               // silent
-                               if (log.isTraceEnabled())
-                                       log.trace("Bind failed", e);
-                       }
 
                        // works only if a connection password is provided
                        if (!user.hasCredential(null, password)) {
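Review bot: With `boolean tryBind = false;` hard-coded as a local, the bind branch is dead code and every password login now depends solely on `user.hasCredential(null, password)`, which the existing comment says works only when a connection password is provided. If that check compares credentials on the client side rather than binding, directory-side controls normally enforced at bind time (lockout, password expiry) may no longer be exercised; this is worth confirming and recording in the TODO, e.g. `// TODO bind disabled: password is verified via hasCredential() only, LDAP bind-time policies are not exercised`. The switch would be safer as a deployment setting than as a source edit, and the unbraced `if (tryBind)` followed by `try` should be written `if (tryBind) {` so a later edit cannot detach the block from its guard. The enclosing method starts and ends outside the hunk.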