X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FAuthentication%2FStore%2FLDAP%2FBackend.pm;h=a6c46abda9263513dc3012b8be3868bd700468cf;hb=238a096f21994346bf44a01448e339e2b658edf6;hp=403b63c0705bf80c877b9cf757068a55b7f63ea7;hpb=5a9aba6e13855eefe942190745802604cf8b72b0;p=catagits%2FCatalyst-Authentication-Store-LDAP.git

diff --git a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
index 403b63c..a6c46ab 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
@@ -208,8 +208,7 @@ If $binddn is "anonymous", an anonymous bind will be performed.
 =cut
 
 sub ldap_bind {
-    my ( $self, $ldap, $binddn, $bindpw, $forauth ) = @_;
-    $forauth ||= 0;
+    my ( $self, $ldap, $binddn, $bindpw ) = @_;
     $ldap ||= $self->ldap_connect;
     if ( !defined($ldap) ) {
         Catalyst::Exception->throw("LDAP Server undefined!");
@@ -226,20 +225,11 @@ sub ldap_bind {
         $self->_ldap_bind_anon($ldap);
     }
     else {
-        # Don't fall back to unauthenticated bind when authenticating
-        if ($bindpw or $forauth eq 'forauth') {
+        if ($bindpw) {
             my $mesg = $ldap->bind( $binddn, 'password' => $bindpw );
             if ( $mesg->is_error ) {
-
-                # If we're not checking this bind for authentication purposes
-                # Go ahead an blow up if we fail.
-                if ( $forauth ne 'forauth' ) {
-                    Catalyst::Exception->throw(
-                        "Error on Initial Bind: " . $mesg->error );
-                }
-                else {
-                    return undef;
-                }
+                Catalyst::Exception->throw(
+                    "Error on Initial Bind: " . $mesg->error );
             }
         }
         else {
@@ -257,6 +247,24 @@ sub _ldap_bind_anon {
     }
 }
 
+=head2 ldap_auth( $binddn, $bindpw )
+
+Connect to the LDAP server and do an authenticated bind against the
+directory. Throws an exception if connecting to the LDAP server fails.
+Returns 1 if binding succeeds, 0 if it fails.
+
+=cut
+
+sub ldap_auth {
+    my ( $self, $binddn, $bindpw ) = @_;
+    my $ldap = $self->ldap_connect;
+    if ( !defined $ldap ) {
+        Catalyst::Exception->throw("LDAP server undefined!");
+    }
+    my $mesg = $ldap->bind( $binddn, password => $bindpw );
+    return $mesg->is_error ? 0 : 1;
+}
+
 =head2 lookup_user($id)
 
 Given a User ID, this method will: