Commit 5862e14f authored by Thomas Löffler's avatar Thomas Löffler

Merge branch 'use-only-ldap-auth-in-soap' into 'develop'

Uses LDAP validation only when accessing via SOAP

See merge request !179
parents 56fc5629 2f657c75
Pipeline #2135 passed with stages
in 2 minutes and 30 seconds
......@@ -144,13 +144,7 @@ class tx_ter_helper
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
$objPHPass = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($row['password']);
// we do not consider 'C' or 'M' prefixed salted password hashes
// as password strings on typo3.org are not updated ones
if ($row['password'] !== $accountData->password && !$objPHPass->checkPassword(
$accountData->password, $row['password']
) && !$this->ldapValidationSucceeded($accountData)
) {
if (!$this->ldapValidationSucceeded($accountData)) {
throw new tx_ter_exception_unauthorized ('Wrong password.', TX_TER_ERROR_GENERAL_WRONGPASSWORD);
}
} else {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment