React on LDAP server errors with a 503 Service Unavailable exception (#2745)

1 files changed, 18 insertions, 3 deletions

diff --git a/lib/Kolab/DAV/Auth/HTTPBasic.php b/lib/Kolab/DAV/Auth/HTTPBasic.php
index 1f841e9..4bf2aa8 100644
--- a/lib/Kolab/DAV/Auth/HTTPBasic.php
+++ b/lib/Kolab/DAV/Auth/HTTPBasic.php
@@ -26,12 +26,12 @@ namespace Kolab\DAV\Auth;
 use \rcube;
 use \rcube_user;
 use \rcube_utils;
-use Kolab\Utils\CacheAPC;
+use Sabre\DAV;
 
 /**
  *
  */
-class HTTPBasic extends \Sabre\DAV\Auth\Backend\AbstractBasic
+class HTTPBasic extends DAV\Auth\Backend\AbstractBasic
 {
     // Make the current user name available to all classes
     public static $current_user = null;
@@ -62,7 +62,7 @@ class HTTPBasic extends \Sabre\DAV\Auth\Backend\AbstractBasic
                 'pass'  => $password,
             ));
 
-            if ($cache) {
+            if ($cache && !$auth['abort']) {
                 $cache->set($cache_key, array(
                     'user'  => $auth['user'],
                     'host'  => $auth['host'],
@@ -82,6 +82,21 @@ class HTTPBasic extends \Sabre\DAV\Auth\Backend\AbstractBasic
 
             return true;
         }
+        else {
+            // check LDAP auth if using cached data
+            if (!isset($auth['abort'])) {
+                $auth = $rcube->plugins->exec_hook('authenticate', array(
+                    'host'  => $auth['host'],
+                    'user'  => $username,
+                    'pass'  => $password,
+                ));
+            }
+
+            // LDAP server failure... send 503 error
+            if ($auth['kolab_ldap_error']) {
+                throw new DAV\Exception\ServiceUnavailable('The service is temporarily unavailable (LDAP failure)');
+            }
+        }
 
         return false;
     }