lib/casserver/authenticators/ldap.rb in rubycas-server-0.4.2 vs lib/casserver/authenticators/ldap.rb in rubycas-server-0.5.0

- old
+ new

@@ -9,13 +9,13 @@ end class CASServer::Authenticators::LDAP < CASServer::Authenticators::Base def validate(credentials) read_standard_credentials(credentials) - + return false if @password.blank? - + raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:ldap] raise CASServer::AuthenticatorError, "You must specify an ldap server in the configuration!" unless @options[:ldap][:server] raise CASServer::AuthenticatorError, "The username '#{@username}' contains invalid characters." if (@username =~ /[*\(\)\0\/]/)
@@ -66,12 +66,18 @@ @ldap.authenticate(@options[:ldap][:auth_user], @options[:ldap][:auth_password]) username_attribute = options[:ldap][:username_attribute] || default_username_attribute
- filter = Net::LDAP::Filter.construct(@options[:ldap][:filter]) &
- Net::LDAP::Filter.eq(username_attribute, @username)
+ filter = Net::LDAP::Filter.construct(@options[:ldap][:filter]) if
+ @options[:ldap][:filter] && !@options[:ldap][:filter].blank?
+ username_filter = Net::LDAP::Filter.eq(username_attribute, @username)
+ if filter
+ filter &= username_filter
+ else
+ filter = username_filter
+ end
 @ldap.bind_as(:base => @options[:ldap][:base], :password => @password, :filter => filter) end def bind_directly
@@ -84,6 +90,6 @@ cn = @username @ldap.authenticate(cn, @password) @ldap.bind end
-end
\ No newline at end of file
+end
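Review bot: In the second hunk (`@@ -66,12 +66,18 @@`), `Net::LDAP::Filter.eq(username_attribute, @username)` receives the login name unescaped, and `eq` treats `*` in the value as a wildcard, so the search filter is only as strict as the character check in `validate` shown in the first hunk. That dependency is invisible where the filter is built; I would add a comment on the `username_filter` line such as `# @username must already have passed the character check in validate; Filter.eq does not escape it`, or escape at the point of use with `Net::LDAP::Filter.escape(@username)` if the net-ldap version in use provides it. The guard `@options[:ldap][:filter] && !@options[:ldap][:filter].blank?` also looks redundant, assuming the `blank?` extension that `@password.blank?` relies on accepts nil, and could be reduced to `unless @options[:ldap][:filter].blank?`. The enclosing method starts before the hunk, so any other path that sets `@username` without going through `validate` is not visible here.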