From 98d5fd2b03d86c9e76d04187385c0fada262fca2 Mon Sep 17 00:00:00 2001
From: Mathieu <mbaudier@argeo.org>
Date: Tue, 8 Nov 2022 05:35:11 +0100
Subject: [PATCH] Disable bind

---
 .../argeo/cms/auth/UserAdminLoginModule.java  | 28 +++++++++++--------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index 278321c24..2fbf8c232 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -155,20 +155,24 @@ public class UserAdminLoginModule implements LoginModule {
 			return true;// expect Kerberos
 
 		if (password != null) {
+			//  TODO disabling bind for the time being,
+			// as it requires authorisations to be set at LDAP level
+			boolean tryBind = false;
 			// try bind first
-			try {
-				AuthenticatingUser authenticatingUser = new AuthenticatingUser(user.getName(), password);
-				bindAuthorization = userAdmin.getAuthorization(authenticatingUser);
-				// TODO check tokens as well
-				if (bindAuthorization != null) {
-					authenticatedUser = user;
-					return true;
+			if (tryBind)
+				try {
+					AuthenticatingUser authenticatingUser = new AuthenticatingUser(user.getName(), password);
+					bindAuthorization = userAdmin.getAuthorization(authenticatingUser);
+					// TODO check tokens as well
+					if (bindAuthorization != null) {
+						authenticatedUser = user;
+						return true;
+					}
+				} catch (Exception e) {
+					// silent
+					if (log.isTraceEnabled())
+						log.trace("Bind failed", e);
 				}
-			} catch (Exception e) {
-				// silent
-				if (log.isTraceEnabled())
-					log.trace("Bind failed", e);
-			}
 
 			// works only if a connection password is provided
 			if (!user.hasCredential(null, password)) {
-- 
2.30.2