Merge pull request goharbor#2143 from reasonerjt/fix-ldap-1.1.0

reasonerjt · web-flow · commit ed6e60ba71b2 · 2017-04-26T16:52:23.000+08:00
do not return error when ldap bind failed
diff --git a/src/ui/auth/ldap/ldap.go b/src/ui/auth/ldap/ldap.go
@@ -79,7 +79,8 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
 
 	log.Debugf("username: %s, dn: %s", u.Username, dn)
 	if err := ldapUtils.Bind(ldapConfs, dn, m.Password); err != nil {
-		return nil, fmt.Errorf("Failed to bind user, username: %s, dn: %s, error: %v", u.Username, dn, err)
+		log.Warningf("Failed to bind user, username: %s, dn: %s, error: %v", u.Username, dn, err)
+		return nil, nil
 	}
 	exist, err := dao.UserExists(u, "username")
 	if err != nil {
diff --git a/src/ui/auth/ldap/ldap_test.go b/src/ui/auth/ldap/ldap_test.go
@@ -124,8 +124,11 @@ func TestAuthenticate(t *testing.T) {
 	}
 	person.Principal = "test"
 	person.Password = "1"
-	_, err = auth.Authenticate(person)
-	if err == nil {
-		t.Errorf("Expected error for wrong password")
+	user, err = auth.Authenticate(person)
+	if err != nil {
+		t.Errorf("unexpected ldap error: %v", err)
+	}
+	if user != nil {
+		t.Errorf("Nil user expected for wrong password")
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,8 @@ func (l Auth) Authenticate(m models.AuthModel) (models.User, error) {`
`79`	`79`
`80`	`80`	`log.Debugf("username: %s, dn: %s", u.Username, dn)`
`81`	`81`	`if err := ldapUtils.Bind(ldapConfs, dn, m.Password); err != nil {`
`82`		`- return nil, fmt.Errorf("Failed to bind user, username: %s, dn: %s, error: %v", u.Username, dn, err)`
	`82`	`+ log.Warningf("Failed to bind user, username: %s, dn: %s, error: %v", u.Username, dn, err)`
	`83`	`+ return nil, nil`
`83`	`84`	`}`
`84`	`85`	`exist, err := dao.UserExists(u, "username")`
`85`	`86`	`if err != nil {`
Original file line number	Diff line number	Diff line change
`@@ -124,8 +124,11 @@ func TestAuthenticate(t *testing.T) {`
`124`	`124`	`}`
`125`	`125`	`person.Principal = "test"`
`126`	`126`	`person.Password = "1"`
`127`		`- _, err = auth.Authenticate(person)`
`128`		`- if err == nil {`
`129`		`- t.Errorf("Expected error for wrong password")`
	`127`	`+ user, err = auth.Authenticate(person)`
	`128`	`+ if err != nil {`
	`129`	`+ t.Errorf("unexpected ldap error: %v", err)`
	`130`	`+ }`
	`131`	`+ if user != nil {`
	`132`	`+ t.Errorf("Nil user expected for wrong password")`
`130`	`133`	`}`
`131`	`134`	`}`