--- a/server/sources/ldapuser.py Fri Jul 02 10:29:32 2010 +0200
+++ b/server/sources/ldapuser.py Fri Jul 02 11:52:51 2010 +0200
@@ -19,8 +19,6 @@
this source is for now limited to a read-only CWUser source
-
-
Part of the code is coming form Zope's LDAPUserFolder
Copyright (c) 2004 Jens Vagelpohl.
@@ -278,7 +276,10 @@
to fetch the salt first
"""
self.info('ldap authenticate %s', login)
- if password is None:
+ if not password:
+ # On Windows + ADAM this would have succeeded (!!!)
+ # You get Authenticated as: 'NT AUTHORITY\ANONYMOUS LOGON'.
+ # we really really don't want that
raise AuthenticationError()
searchfilter = [filter_format('(%s=%s)', (self.user_login_attr, login))]
searchfilter.extend([filter_format('(%s=%s)', ('objectClass', o))
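Review bot: The comment above the new `if not password:` guard ties the risk to Windows + ADAM, but a simple bind with a DN and an empty password is the "unauthenticated" bind of RFC 4513 §5.1.2, which any directory server may accept. A more general wording would stop a later maintainer from relaxing the check on other backends: `# empty password = unauthenticated simple bind (RFC 4513 5.1.2); a server may accept it as anonymous, so refuse before binding`. The rejection also raises without a log line of its own, so it cannot be told apart from other failures in the log. Something like `self.info('empty password rejected for %s', login)` before the raise would cover that. The method's signature and the start of its docstring lie outside this hunk.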
@@ -293,16 +294,13 @@
raise AuthenticationError()
# check password by establishing a (unused) connection
try:
- if password:
- self._connect(user, password)
- else:
- # On Windows + ADAM this would have succeeded (!!!)
- # You get Authenticated as: 'NT AUTHORITY\ANONYMOUS LOGON'.
- # we really really don't want that
- raise Exception('No password provided')
- except Exception, ex:
+ self._connect(user, password)
+ except ldap.LDAPError, ex:
+ # Something went wrong, most likely bad credentials
self.info('while trying to authenticate %s: %s', user, ex)
- # Something went wrong, most likely bad credentials
+ raise AuthenticationError()
+ except Exception:
+ self.error('while trying to authenticate %s', user, exc_info=True)
raise AuthenticationError()
return self.extid2eid(user['dn'], 'CWUser', session)
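Review bot: Both log calls in the new handlers pass `user` itself, which is the whole entry mapping (the return line indexes `user['dn']`), so each failed bind writes every attribute the earlier search returned into the log. Which attributes those are is not visible in this hunk, but logging only the DN identifies the account without copying them: `self.info('while trying to authenticate %s: %s', user['dn'], ex)` and `self.error('while trying to authenticate %s', user['dn'], exc_info=True)`. The `except ldap.LDAPError` branch also records an unreachable server the same way as a wrong password, at info level. Catching `ldap.INVALID_CREDENTIALS` first and logging other LDAP errors at a higher level would make outages and credential failures distinguishable for monitoring. The method begins outside this hunk.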