diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:35:23 -0500 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:35:23 -0500 |
| commit | 787f7af77f69aa72028a3865f3689a6f18995c96 (patch) | |
| tree | 9317e91018b421034bdde8a14e659cba6e277fb0 /Core/Authentication | |
| parent | 3eb62fffbb324147f6dd68da4c3427fabfbdbe80 (diff) | |
| parent | 0441ef2d18b4de4570f6364c70d0af7dd0d447f1 (diff) | |
| download | symfony-security-787f7af77f69aa72028a3865f3689a6f18995c96.zip symfony-security-787f7af77f69aa72028a3865f3689a6f18995c96.tar.gz symfony-security-787f7af77f69aa72028a3865f3689a6f18995c96.tar.bz2 | |
* 2.8:
Fixed issue with blank password with Ldap
Diffstat (limited to 'Core/Authentication')
| -rw-r--r-- | Core/Authentication/Provider/LdapBindAuthenticationProvider.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Core/Authentication/Provider/LdapBindAuthenticationProvider.php b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php index adc42ef..e887f99 100644 --- a/Core/Authentication/Provider/LdapBindAuthenticationProvider.php +++ b/Core/Authentication/Provider/LdapBindAuthenticationProvider.php @@ -73,6 +73,10 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider $username = $token->getUsername(); $password = $token->getCredentials(); + if ('' === $password) { + throw new BadCredentialsException('The presented password must not be empty.'); + } + try { $username = $this->ldap->escape($username, '', LDAP_ESCAPE_DN); $dn = str_replace('{username}', $username, $this->dnString); |