← Back to branch summary

~openerp-indonesia-team/openerp-indonesia/openerp-addons-Indonesia

« back to all changes in this revision

Viewing changes to users_ldap/users_ldap.py

  • Committer: Iman(ADSOFT)
  • Date: 2011-05-06 23:31:40 UTC
  • Revision ID: alle@openerp.co.id-20110506233140-egef2xos807fw784
updates

Show diffs side-by-side

added added

removed removed

Lines of Context:
users_ldap/users_ldap.py
127
127
                            cr.close()
128
128
                            return res
129
129
                    l.unbind()
130
 
            except Exception, e:
 
130
            except Exception:
131
131
                logger.warning("Cannot auth", exc_info=True)
132
132
                continue
133
133
        cr.close()
138
138
            return super(users,self).check(db, uid, passwd)
139
139
        except security.ExceptionNoTb: # AccessDenied
140
140
            pass
 
141
 
 
142
        if not passwd:
 
143
            # empty passwords disallowed for obvious security reasons
 
144
            raise security.ExceptionNoTb('AccessDenied')
 
145
 
141
146
        cr = pooler.get_db(db).cursor()
142
147
        user = self.browse(cr, 1, uid)
143
148
        logger = logging.getLogger('orm.ldap')
156
161
                        result_type, result_data = l.result(result_id, timeout)
157
162
                        if result_data and result_type == ldap.RES_SEARCH_RESULT and len(result_data) == 1:
158
163
                            dn = result_data[0][0]
 
164
                            # some LDAP servers allow anonymous binding with blank passwords,
 
165
                            # but these have been rejected above, so we're safe to use bind()
159
166
                            if l.bind_s(dn, passwd):
160
167
                                l.unbind()
161
168
                                self._uid_cache.setdefault(db, {})[uid] = passwd
162
169
                                cr.close()
163
170
                                return True
164
171
                        l.unbind()
165
 
                except Exception, e:
 
172
                except Exception:
166
173
                    logger.warning('cannot check', exc_info=True)
167
174
                    pass
168
175
        cr.close()