Fix bug [ 1822782 ] login with empty password allowed when ldap active

Implementing suggestion from stefan kuthan - stefan_kuthan
This commit is contained in:
Carlos Ruiz 2008-01-28 19:35:12 +00:00
parent 175a76a907
commit 8e67bce559
1 changed files with 13 additions and 13 deletions

View File

@ -229,6 +229,11 @@ public class Login
if (system == null) if (system == null)
throw new IllegalStateException("No System Info"); throw new IllegalStateException("No System Info");
if (app_pwd == null || app_pwd.length() == 0)
{
log.warning("No Apps Password");
return null;
}
if (system.isLDAP()) if (system.isLDAP())
{ {
authenticated = system.isLDAP(app_user, app_pwd); authenticated = system.isLDAP(app_user, app_pwd);
@ -236,11 +241,6 @@ public class Login
app_pwd = null; app_pwd = null;
// if not authenticated, use AD_User as backup // if not authenticated, use AD_User as backup
} }
else if (app_pwd == null || app_pwd.length() == 0)
{
log.warning("No Apps Password");
return null;
}
KeyNamePair[] retValue = null; KeyNamePair[] retValue = null;
ArrayList<KeyNamePair> list = new ArrayList<KeyNamePair>(); ArrayList<KeyNamePair> list = new ArrayList<KeyNamePair>();