From: Bradley Nicholes <bnicholes@apache.org>
Date: Wed, 18 Sep 2002 23:38:30 +0000 (+0000)
Subject: If the user passed invalid credentials (user id or password) and auth_ldap is
X-Git-Tag: WROWE_2_0_43_PRE1~95
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18ab049b120bd7da8a0b4d47801066bcf5f2ae37;p=thirdparty%2Fapache%2Fhttpd.git

If the user passed invalid credentials (user id or password) and auth_ldap is
authoritative, allow the user to retry.  This is consistent with the other auth
modules.  It previously only allowed a retry if the password was invalid.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96893 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/experimental/mod_auth_ldap.c b/modules/experimental/mod_auth_ldap.c
index d1e79b78bf4..357ae9866d0 100644
--- a/modules/experimental/mod_auth_ldap.c
+++ b/modules/experimental/mod_auth_ldap.c
@@ -280,12 +280,12 @@ int mod_auth_ldap_check_user_id(request_rec *r)
                       "[%d] auth_ldap authenticate: "
                       "user %s authentication failed; URI %s [%s][%s]",
 		      getpid(), r->user, r->uri, ldc->reason, ldap_err2string(result));
-        if (LDAP_INVALID_CREDENTIALS == result) {
+        if ((LDAP_INVALID_CREDENTIALS == result) || sec->auth_authoritative) {
             ap_note_basic_auth_failure(r);
             return HTTP_UNAUTHORIZED;
         }
         else {
-            return sec->auth_authoritative? HTTP_UNAUTHORIZED: DECLINED;
+            return DECLINED;
         }
     }