Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Users being locked out in Active Directory after access is granted #2

Closed
ellier opened this issue Jun 26, 2013 · 0 comments
Closed

Users being locked out in Active Directory after access is granted #2

ellier opened this issue Jun 26, 2013 · 0 comments

Comments

@ellier
Copy link

ellier commented Jun 26, 2013

Users get locked out in Active Directory after browsing protected routes.
The issue seems to be in this line: https://github.com/ccovey/ldap-auth/blob/master/src/Ccovey/LdapAuth/LdapAuthUserProvider.php#L49

In Laravel, retrieveById should not try to authenticate the user on every request after the user has been validated and granted access. It should make a query to check the user is still valid. Even if you decide to authenticate the user, you're only passing the username when $adldap->authenticate also expects a password. This is locking every account used to log into my app.
@ccovey ccovey closed this as completed Jun 28, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ellier @ccovey