opendev/gerrit
Code Issues Proposed changes

Fix LDAP authentication for the RFC2307 server type

Browse Source 
The accountWithMemberOfQuery is only set for the active directory server
type. We must not use this query for authenticating against an RFC2307
server type as it is null in this case and no account is found.

Honor the fetchMemberOf parameter of the Helper.findAccount only when
the accountMemberField is supported for the given LDAP type.

Bug: Issue 3201
Change-Id: Ifa58dcf6588b6bcae7c46d1cf793aaecb107aff2
This commit is contained in:
Saša Živkov
2015-03-10 17:21:09 +01:00
parent ff03c9cfbf
commit b246f9e098
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java
View File

@@ -194,7 +194,7 @@ import javax.security.auth.login.LoginException;
params.put(LdapRealm.USERNAME, username);
List<LdapQuery> accountQueryList;
if (fetchMemberOf) {
if (fetchMemberOf && schema.type.accountMemberField() != null) {
accountQueryList = schema.accountWithMemberOfQueryList;
} else {
accountQueryList = schema.accountQueryList;