[Minor] if no LDAP data for userPrincipalName, then try with sAMAccountName

Robert von Burg 2018-10-04 15:34:30 +02:00
parent 8516233943
commit 4f73506215
1 changed files with 10 additions and 3 deletions


@ -87,9 +87,16 @@ public class LdapPrivilegeHandler extends DefaultPrivilegeHandler {
// Search for objects using the filter
NamingEnumeration<SearchResult> answer = ctx.search(this.searchBase, searchFilter, searchCtls);
if (!answer.hasMore())
throw new AccessDeniedException(
"Could not login with user: " + username + this.domain + " on Ldap: no LDAP Data");
if (!answer.hasMore()) {
logger.warn("No LDAP data retrieved using userPrincipalName, trying with sAMAccountName...");
searchFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + username + "))";
answer = ctx.search(this.searchBase, searchFilter, searchCtls);
if (!answer.hasMore())
throw new AccessDeniedException("Could not login with user: " + username + this.domain
+ " on Ldap: no LDAP Data, for either userPrincipalName or sAMAccountName");
}
SearchResult sr = (SearchResult) answer.next();
if (answer.hasMore())
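Review bot: The new fallback filter concatenates `username` straight into the LDAP search filter (`"(sAMAccountName=" + username + "))"`), so filter metacharacters in the login name (`*`, `(`, `)`, `\`, NUL) are interpreted as filter syntax instead of being matched literally. Let JNDI do the escaping by using the argument-taking overload: `searchFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))";` followed by `answer = ctx.search(this.searchBase, searchFilter, new Object[] { username }, searchCtls);`. The first `userPrincipalName` filter is built outside this hunk and presumably has the same shape, so it should get the same treatment. The first `answer` enumeration is also reassigned without `answer.close()`, which is worth adding before the second search. The enclosing method starts and ends outside the hunk, so the surrounding try/finally handling is not visible here.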