midsuit
/
core-jgi
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix bug [ 1822782 ] login with empty password allowed when ldap active 

Implementing suggestion from stefan kuthan - stefan_kuthan
This commit is contained in:
Carlos Ruiz 2008-01-28 19:35:12 +00:00
parent 175a76a907
commit 8e67bce559
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
base/src/org/compiere/util/Login.java
View File

@ -229,19 +229,19 @@ public class Login
if (system == null) if (system == null)
throw new IllegalStateException("No System Info"); throw new IllegalStateException("No System Info");
if (system.isLDAP()) if (app_pwd == null || app_pwd.length() == 0)
{ {
authenticated = system.isLDAP(app_user, app_pwd); log.warning("No Apps Password");
if (authenticated) return null;
app_pwd = null; }
// if not authenticated, use AD_User as backup if (system.isLDAP())
} {
else if (app_pwd == null || app_pwd.length() == 0) authenticated = system.isLDAP(app_user, app_pwd);
{ if (authenticated)
log.warning("No Apps Password"); app_pwd = null;
return null; // if not authenticated, use AD_User as backup
} }
KeyNamePair[] retValue = null; KeyNamePair[] retValue = null;
ArrayList<KeyNamePair> list = new ArrayList<KeyNamePair>(); ArrayList<KeyNamePair> list = new ArrayList<KeyNamePair>();
// //