diff mod_auth_ldap/mod_auth_ldap.lua @ 1163:52bee1247014

mod_auth_ldap: Add a configurable scope, defaulting to onelevel
author Kim Alvefur <zash@zash.se>
date Thu, 15 Aug 2013 15:30:24 +0200
parents 8e3420d48508
children c99d8b666eb4
line wrap: on
line diff
--- a/mod_auth_ldap/mod_auth_ldap.lua	Thu Aug 15 15:22:51 2013 +0200
+++ b/mod_auth_ldap/mod_auth_ldap.lua	Thu Aug 15 15:30:24 2013 +0200
@@ -6,6 +6,7 @@
 local ldap_rootdn = module:get_option_string("ldap_rootdn", "");
 local ldap_password = module:get_option_string("ldap_password", "");
 local ldap_tls = module:get_option_boolean("ldap_tls");
+local ldap_scope = module:get_option_string("ldap_scope", "onelevel");
 local ldap_base = assert(module:get_option_string("ldap_base"), "ldap_base is a required option for ldap");
 
 local lualdap = require "lualdap";
@@ -24,12 +25,14 @@
 function provider.test_password(username, password)
 	return do_query({
 		base = ldap_base;
+		scope = ldap_scope;
 		filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))";
 	});
 end
 function provider.user_exists(username)
 	return do_query({
 		base = ldap_base;
+		scope = ldap_scope;
 		filter = "(uid="..ldap_filter_escape(username)..")";
 	});
 end