# HG changeset patch
# User Sylvain Thénault <sylvain.thenault@logilab.fr>
# Date 1278054356 -7200
# Node ID db59080f1c8d5645d9a5d3c6269a67af415e9c4c
# Parent  74f68d6549c0a939f26e4646b3aa7c4929f80fec
[ldap] cleanup password checking

diff -r 74f68d6549c0 -r db59080f1c8d server/sources/ldapuser.py
--- a/server/sources/ldapuser.py	Fri Jul 02 00:39:46 2010 +0200
+++ b/server/sources/ldapuser.py	Fri Jul 02 09:05:56 2010 +0200
@@ -278,7 +278,10 @@
         to fetch the salt first
         """
         self.info('ldap authenticate %s', login)
-        if password is None:
+        if not password:
+            # On Windows + ADAM this would have succeeded (!!!)
+            # You get Authenticated as: 'NT AUTHORITY\ANONYMOUS LOGON'.
+            # we really really don't want that
             raise AuthenticationError()
         searchfilter = [filter_format('(%s=%s)', (self.user_login_attr, login))]
         searchfilter.extend([filter_format('(%s=%s)', ('objectClass', o))
@@ -293,15 +296,10 @@
             raise AuthenticationError()
         # check password by establishing a (unused) connection
         try:
-            if password:
-                self._connect(user, password)
-            else:
-                # On Windows + ADAM this would have succeeded (!!!)
-                # You get Authenticated as: 'NT AUTHORITY\ANONYMOUS LOGON'.
-                # we really really don't want that
-                raise Exception('No password provided')
-        except Exception, ex:
-            self.info('while trying to authenticate %s: %s', user, ex)
+            self._connect(user, password)
+        except Exception:
+            self.error('while trying to authenticate %s: %s', user,
+                       exc_info=True)
             # Something went wrong, most likely bad credentials
             raise AuthenticationError()
         return self.extid2eid(user['dn'], 'CWUser', session)