outposts/ldap: fix order of flow check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
538a466090
commit
4029e19b72
|
@ -8,8 +8,8 @@ import (
|
|||
)
|
||||
|
||||
func (ls *LDAPServer) Bind(bindDN string, bindPW string, conn net.Conn) (ldap.LDAPResultCode, error) {
|
||||
ls.log.WithField("bindDN", bindDN).Info("bind")
|
||||
bindDN = strings.ToLower(bindDN)
|
||||
ls.log.WithField("bindDN", bindDN).Info("bind")
|
||||
for _, instance := range ls.providers {
|
||||
username, err := instance.getUsername(bindDN)
|
||||
if err == nil {
|
||||
|
|
|
@ -48,13 +48,13 @@ func (pi *ProviderInstance) Bind(username string, bindDN, bindPW string, conn ne
|
|||
fe.Answers[outpost.StagePassword] = bindPW
|
||||
|
||||
passed, err := fe.Execute()
|
||||
if !passed {
|
||||
return ldap.LDAPResultInvalidCredentials, nil
|
||||
}
|
||||
if err != nil {
|
||||
pi.log.WithField("bindDN", bindDN).WithError(err).Warning("failed to execute flow")
|
||||
return ldap.LDAPResultOperationsError, nil
|
||||
}
|
||||
if !passed {
|
||||
return ldap.LDAPResultInvalidCredentials, nil
|
||||
}
|
||||
access, err := fe.CheckApplicationAccess(pi.appSlug)
|
||||
if !access {
|
||||
pi.log.WithField("bindDN", bindDN).Info("Access denied for user")
|
||||
|
|
Reference in a new issue