From b935aebd99369a9c8e848f9d346be56e02c57c4b 2008-02-22 17:26:53
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: 2008-02-22 17:26:53
Subject: [PATCH] Fixed: LDAP authentication without password may be possible (#714).

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1169 e93f8b46-1217-0410-a6f0-8f06a7374b81

---

diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb
index b79b3ce..5a6789a 100644
--- a/app/models/auth_source_ldap.rb
+++ b/app/models/auth_source_ldap.rb
@@ -27,6 +27,7 @@ class AuthSourceLdap < AuthSource
   end
   
   def authenticate(login, password)
+    return nil if login.blank? || password.blank?
     attrs = []
     # get user's DN
     ldap_con = initialize_ldap_con(self.account, self.account_password)