From 506c6bf33d875194ba0f0feefa884d699ae193e1 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Dec 22 2008 19:50:15 +0000 Subject: Resolves: bug 471681 Bug Description: DSGW authenticate multi-result hyperlinks broken Reviewed by: nhosoi (Thanks!) Fix Description: 1) The quoting was a bit off. The DSGW code adds double quotes at the beginning and end of the javascript. We have to use %22 to have DSGW emit double quotes in the right places where other double quotes are needed. 2) If you are attempting to auth as a real user, and you have password policy on such that the user must change the password after reset, and you are using a binddn instead of the default anon, the auth screen would not prompt you for your old password, because it thought you were already bound as the binddn. The binddn is not a real user in this case, and so should not be considered when testing for "bound". Platforms tested: RHEL5 Flag Day: no Doc impact: no --- diff --git a/config/list-Auth.html.in b/config/list-Auth.html.in index 0804bda..0d3bcc5 100644 --- a/config/list-Auth.html.in +++ b/config/list-Auth.html.in @@ -89,7 +89,7 @@ Please click on the name of the entry you would like to use for authentication. - + diff --git a/entrydisplay.c b/entrydisplay.c index d9480f9..db2408c 100644 --- a/entrydisplay.c +++ b/entrydisplay.c @@ -2912,7 +2912,9 @@ condition_is_true( int argc, char **argv, void *arg ) } if ( strcasecmp( argv[0], DSGW_COND_BOUND ) == 0 ) { - return( dsgw_get_binddn() != NULL ); + /* We are not really considered to be bound if we are bound + as the binddn user */ + return( (dsgw_get_binddn() != NULL) && gc->gc_binddn && (0 == dsgw_dn_cmp(dsgw_get_binddn(), gc->gc_binddn)) ); } if ( strcasecmp( argv[0], DSGW_COND_BOUNDASTHISENTRY ) == 0 ) { diff --git a/pbconfig/list-Auth.html.in b/pbconfig/list-Auth.html.in index 0ad0098..167596d 100644 --- a/pbconfig/list-Auth.html.in +++ b/pbconfig/list-Auth.html.in @@ -39,7 +39,7 @@ All rights reserved. END COPYRIGHT BLOCK --> - +