From c197a542d5f0a9fd2ec2a7aa73aae11c24863dc3 Mon Sep 17 00:00:00 2001
From: kohsuke <kohsuke@71c3de6d-444a-0410-be80-ed276b4c234a>
Date: Fri, 13 Jun 2008 21:59:57 +0000
Subject: [PATCH] [HUDSON-1802] LDAP authentication with non-empty manager
 DN/password was not working correctly. In 1.225.

git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@10095 71c3de6d-444a-0410-be80-ed276b4c234a

Originally-Committed-As: 0f61ee2ca0187305f197dbddccee4c52d11fbc29
---
 .../hudson/security/LDAPSecurityRealm/config.jelly        | 6 +++---
 .../WEB-INF/security/LDAPBindSecurityRealm.groovy         | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly b/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly
index ffde1f3..2757495 100644
--- a/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly
+++ b/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly
@@ -1,7 +1,7 @@
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
 	<f:entry title="${%Server}" help="/help/security/ldap/server.html">
 	  <f:textbox name="ldap.server" value="${instance.server}"
-            checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?server='+escape(this.value)+'&amp;managerDN='+escape(this.form.elements['ldap.managerDN'].value)+'&amp;managerPassword='+escape(this.form.elements['ldap.managerPassword'].value)"/>
+            checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?field=server&amp;server='+escape(this.value)+'&amp;managerDN='+escape(this.form.elements['ldap.managerDN'].value)+'&amp;managerPassword='+escape(this.form.elements['ldap.managerPassword'].value)"/>
 	</f:entry>
   <f:advanced>
     <f:entry title="${%root DN}" help="/help/security/ldap/rootDN.html">
@@ -15,12 +15,12 @@
     </f:entry>
     <f:entry title="${%Manager DN}" help="/help/security/ldap/managerDN.html">
       <f:textbox name="ldap.managerDN" value="${instance.managerDN}"
-      checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?server='+escape(this.form.elements['ldap.server'].value)+'&amp;managerDN='+escape(this.value)+'&amp;managerPassword='+escape(this.form.elements['ldap.managerPassword'].value)" 
+      checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?field=managerDN&amp;server='+escape(this.form.elements['ldap.server'].value)+'&amp;managerDN='+escape(this.value)+'&amp;managerPassword='+escape(this.form.elements['ldap.managerPassword'].value)"
       />
     </f:entry>
     <f:entry title="${%Manager Password}" help="/help/security/ldap/managerPassword.html">
       <f:password name="ldap.managerPassword" value="${instance.managerPassword}" 
-      checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?server='+escape(this.form.elements['ldap.server'].value)+'&amp;managerDN='+escape(this.form.elements['ldap.managerDN'].value)+'&amp;managerPassword='+escape(this.value)" 
+      checkUrl="'${rootURL}/securityRealms/LDAPSecurityRealm/serverCheck?field=password&amp;server='+escape(this.form.elements['ldap.server'].value)+'&amp;managerDN='+escape(this.form.elements['ldap.managerDN'].value)+'&amp;managerPassword='+escape(this.value)" 
       />
     </f:entry>
   </f:advanced>
diff --git a/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy b/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
index 94c61c8..c56420f 100644
--- a/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
+++ b/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
@@ -16,10 +16,10 @@ import hudson.model.Hudson
 */
 
 initialDirContextFactory(DefaultInitialDirContextFactory, instance.getLDAPURL() ) {
-
-  // if anonymous bind is not allowed --- but what is the use of anonymous bind?
-  // managerDn = "..."
-  // managerPassword="..."
+  if(instance.managerDN!=null) {
+    managerDn = instance.managerDN;
+    managerPassword = instance.getManagerPassword();
+  }
 }
 
 ldapUserSearch(FilterBasedLdapUserSearch, instance.userSearchBase, instance.userSearch, initialDirContextFactory) {