IDEMPIERE-1670:log-in with ldap account fail

2014-03-07 20:59:32 +07:00 · 2014-03-07 20:59:32 +07:00 · 1afe37e25b
parent d8f3f0d6b7
commit 1afe37e25b
1 changed files with 11 additions and 8 deletions
--- a/org.adempiere.base/src/org/compiere/util/Login.java
+++ b/org.adempiere.base/src/org/compiere/util/Login.java
@ -1241,10 +1241,6 @@ public class Login
 		if (system.isLDAP())
 		{
 			authenticated = system.isLDAP(app_user, app_pwd);			
-			if (authenticated){
-				app_pwd = null;
-				authenticated=true;
-			}
 			// if not authenticated, use AD_User as backup
 		}

@ -1328,12 +1324,16 @@ public class Login
 			}
 			clientsValidated.add(user.getAD_Client_ID());
 			boolean valid = false;
-			if (hash_password) {
+			// authenticated by ldap
+			if (authenticated){
+				valid = true;
+			} else if (hash_password) {
 				valid = user.authenticateHash(app_pwd);
 			} else {
 				// password not hashed
 				valid = user.getPassword() != null && user.getPassword().equals(app_pwd);
 			}			
+			
 			if (valid ) {			
 				if (user.isLocked())
 				{
@ -1341,7 +1341,10 @@ public class Login
 					continue;
 				}
 				
-				if (user.isExpired())
+				if (authenticated){
+					// use Ldap because don't check password age
+				}
+				else if (user.isExpired())
 					isPasswordExpired = true;
 				else if (MAX_PASSWORD_AGE > 0 && !user.isNoPasswordReset())
 				{