diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:34:47 -0500 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:34:47 -0500 |
| commit | 0441ef2d18b4de4570f6364c70d0af7dd0d447f1 (patch) | |
| tree | bac316d42397d60bab5b61297e4f8972685898c0 /Core/Authentication | |
| parent | 231aafdaf4c9abbc812139bd6f909008fec91cd7 (diff) | |
| parent | 41bd59c6e04c433c9d0bcd53d8524226fb3aeb3a (diff) | |
| download | symfony-security-0441ef2d18b4de4570f6364c70d0af7dd0d447f1.zip symfony-security-0441ef2d18b4de4570f6364c70d0af7dd0d447f1.tar.gz symfony-security-0441ef2d18b4de4570f6364c70d0af7dd0d447f1.tar.bz2 | |
This PR was merged into the 2.8 branch.
Discussion
----------
Fixed issue with blank password with Ldap
| Q | A
| ------------- | ---
| Branch? | 1.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c7d9c62 Fixed issue with blank password with Ldap
Diffstat (limited to 'Core/Authentication')
| -rw-r--r-- | Core/Authentication/Provider/LdapBindAuthenticationProvider.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Core/Authentication/Provider/LdapBindAuthenticationProvider.php b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php index adc42ef..e887f99 100644 --- a/Core/Authentication/Provider/LdapBindAuthenticationProvider.php +++ b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php @@ -73,6 +73,10 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider $username = $token->getUsername(); $password = $token->getCredentials(); + if ('' === $password) { + throw new BadCredentialsException('The presented password must not be empty.'); + } + try { $username = $this->ldap->escape($username, '', LDAP_ESCAPE_DN); $dn = str_replace('{username}', $username, $this->dnString); |