Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/sources/ldapuser.py
branchstable
changeset 5836 e654c13b57b8
parent 5827 aad4496a279a
child 5855 db59080f1c8d 
--- a/server/sources/ldapuser.py	Fri Jun 25 11:29:48 2010 +0200
+++ b/server/sources/ldapuser.py	Sat Jun 26 08:42:48 2010 +0000
@@ -293,7 +293,13 @@
             raise AuthenticationError()
         # check password by establishing a (unused) connection
         try:
-            self._connect(user, password)
+            if password:
+                self._connect(user, password)
+            else:
+                # On Windows + ADAM this would have succeeded (!!!)
+                # You get Authenticated as: 'NT AUTHORITY\ANONYMOUS LOGON'.
+                # we really really don't want that
+                raise Exception('No password provided')
         except Exception, ex:
             self.info('while trying to authenticate %s: %s', user, ex)
             # Something went wrong, most likely bad credentials
cubicweb