From 23bad16bba52a09f0cea3d2c40e6cf91e2945e37 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 17 Apr 2010 15:09:56 -0400 Subject: [PATCH] don't attempt to read a user's ldap password --- plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index 2e01738ec3..0dfc4c63be 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -96,7 +96,12 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + //ldap won't let us read a user's password, + //and we're going to set the password to a random string later anyways, + //so don't bother trying to read it. + if($sn_attribute != 'password'){ + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } } if(isset($registration_data['email']) && !empty($registration_data['email'])){ $registration_data['email_confirmed']=true;