Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 0ed6cfd

Browse filesBrowse files
nicolas-grekasnicolas-grekas
committed
Merge branch '3.4' into 4.4
* 3.4: [FrameworkBundle] Fix session.attribute_bag service definition Update LdapBindAuthenticationProvider.php
2 parents 60245d9 + 08ded7f commit 0ed6cfd
Copy full SHA for 0ed6cfd

File tree

Expand file treeCollapse file tree

2 files changed

+4
-3
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+4
-3
lines changed

‎src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,8 @@
4141
<service id="Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface" alias="session.flash_bag" />
4242

4343
<service id="session.attribute_bag" class="Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag">
44-
<factory service="session" method="getAttributeBag"/>
44+
<factory service="session" method="getBag"/>
45+
<argument>attributes</argument>
4546
</service>
4647

4748
<service id="session.storage.mock_file" class="Symfony\Component\HttpFoundation\Session\Storage\MockFileSessionStorage">

‎src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,14 +83,13 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
8383
}
8484

8585
try {
86-
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_DN);
87-
8886
if ($this->queryString) {
8987
if ('' !== $this->searchDn && '' !== $this->searchPassword) {
9088
$this->ldap->bind($this->searchDn, $this->searchPassword);
9189
} else {
9290
@trigger_error('Using the "query_string" config without using a "search_dn" and a "search_password" is deprecated since Symfony 4.4 and will throw an exception in Symfony 5.0.', E_USER_DEPRECATED);
9391
}
92+
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_FILTER);
9493
$query = str_replace('{username}', $username, $this->queryString);
9594
$result = $this->ldap->query($this->dnString, $query)->execute();
9695
if (1 !== $result->count()) {
@@ -99,6 +98,7 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
9998

10099
$dn = $result[0]->getDn();
101100
} else {
101+
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_DN);
102102
$dn = str_replace('{username}', $username, $this->dnString);
103103
}
104104

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.