Raise an exception if LDAP search fails
ClosedPublic
Actions

Authored by epriestley on Dec 2 2013, 4:17 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Tue, Sep 3, 3:29 PM

	Unknown Object (File)
	Mon, Sep 2, 3:16 AM

	Unknown Object (File)
	Sun, Sep 1, 8:14 PM

	Unknown Object (File)
	Sun, Sep 1, 12:26 PM

	Unknown Object (File)
	Sat, Aug 31, 5:13 AM

	Unknown Object (File)
	Thu, Aug 22, 8:30 AM

	Unknown Object (File)
	Mon, Aug 19, 1:35 PM

	Unknown Object (File)
	Thu, Aug 15, 7:47 PM

View All Files

Subscribers

aran

Details

Reviewers

btrahan

Commits

rPHU9b2211b4ca72: Raise an exception if LDAP search fails

Summary

Currently, we assume search will always succeed if bind succeeds, but this isn't true in the wild. We don't have a root cause yet, but blunt this error into something vaguely useful rather than passing null to an array typehint and failing later and less usefully.

Test Plan

Used bin/auth ldap.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

epriestley added inline comments.Dec 2 2013, 4:19 PM

src/auth/PhutilAuthAdapterLDAP.php
401	(This parameter is unused.)

We tracked the root cause down to anonymous users being able to search, while credentialed users can not.
This is weird, but seems OK to accommodate.
After failing a search, try to rebind as anonymous again and redo the search.

Minor comment spelling / word choice.

btrahan accepted this revision.Dec 2 2013, 7:19 PM

Closed by commit rPHU9b2211b4ca72 (authored by @epriestley).

Revision Contents
Changeset List

Path

Size

src/

auth/

PhutilAuthAdapterLDAP.php

45 lines

Diff 17343

View Options

src/auth/PhutilAuthAdapterLDAP.php

Raise an exception if LDAP search failsClosedPublicActions