From d47abbc35fc30d6826dab6280557a974f6f3edbe Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Wed, 19 Aug 2009 21:34:05 +0000
Subject: [PATCH] SEC-1223: Added break to bindWithDnLoop when non-null use is
 returned.

---
 .../security/ldap/authentication/BindAuthenticator.java       | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/BindAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/BindAuthenticator.java
index 5e6079531c..2f77591dde 100644
--- a/ldap/src/main/java/org/springframework/security/ldap/authentication/BindAuthenticator.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/BindAuthenticator.java
@@ -80,6 +80,10 @@ public class BindAuthenticator extends AbstractLdapAuthenticator {
         // If DN patterns are configured, try authenticating with them directly
         for (String dn : getUserDns(username)) {
             user = bindWithDn(dn, username, password);
+
+            if (user != null) {
+                break;
+            }
         }
 
         // Otherwise use the configured search object to find the user and authenticate with the returned DN.