[PLAT-16543] Fix LDAP authentication

Summary: Fix LDAP authentication to return the search result in case the email does not match the distinguished name entry. Test Plan: Manually verified the LDAP login Reviewers: anabaria, vbansal Reviewed By: vbansal Subscribers: yugaware Differential Revision: https://phorge.dev.yugabyte.com/D41428
yugabyte · Jan 24, 2025 · f7375dc · f7375dc
1 parent 54145b9
commit f7375dc
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/managed/src/main/java/com/yugabyte/yw/common/LdapUtil.java b/managed/src/main/java/com/yugabyte/yw/common/LdapUtil.java
@@ -333,12 +333,11 @@ private Triple<Entry, String, String> searchAndBind(
         }
 
         // Cursor.next returns true in some environments
-        if (!StringUtils.isEmpty(distinguishedName)
-            && getNameFromDN(distinguishedName).equals(email)) {
+        if (!StringUtils.isEmpty(distinguishedName)) {
           if (ldapConfiguration.isEnableDetailedLogs()) {
             log.debug("Successfully fetched user entry from LDAP Server {}", userEntry.toString());
           }
-          return new ImmutableTriple<Entry, String, String>(userEntry, distinguishedName, role);
+          break;
         }
       }
 
@@ -352,7 +351,7 @@ && getNameFromDN(distinguishedName).equals(email)) {
       log.error("LDAP query failed.", e);
       throw new PlatformServiceException(BAD_REQUEST, "LDAP search failed.");
     }
-    return new ImmutableTriple<Entry, String, String>(null, "", "");
+    return new ImmutableTriple<Entry, String, String>(userEntry, distinguishedName, role);
   }
 
   public LdapNetworkConnection createConnection(