Skip to content
This repository has been archived by the owner on Jul 18, 2018. It is now read-only.

link ldap backend don't restrict access #21

Open
centredecalcul opened this issue Oct 21, 2015 · 0 comments
Open

link ldap backend don't restrict access #21

centredecalcul opened this issue Oct 21, 2015 · 0 comments

Comments

@centredecalcul
Copy link

Step to reproduce

  • configure ldap backend, restrict users access by ldap filter
  • enable cas_link_to_ldap_backend

Expected result

  • users who don't match LDAP filter will not have access to owncCloud

Actual result

  • everyone who can connect to CAS can also use the cloud

Solution

  • in user_cas.php,
if (($uid !== false) && ($ocname !== false)) {
    OC_Log::write('cas',"Found CAS user '$uid' in LDAP with name '$ocname'", OC_Log::DEBUG);
    return $ocname;
}
  • by:
if (($uid !== false) && ($ocname !== false)) {
    OC_Log::write('cas',"Found CAS user '$uid' in LDAP with name '$ocname'", OC_Log::DEBUG);
    return $ocname;
} else {
    return false;
}

Because the function checkPassword return $uid at the end.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@centredecalcul