In user.py:
Change
# First try with default encoded password. Match only non empty
# passwords. (require non empty enc_password)
if self.enc_password and self.enc_password == data['enc_password']:
    return True, False
to
# First try with default encoded password. Match only non empty
# passwords. (require non empty enc_password)
from ldap_check import ldap_check
password = self._request.form.get('password',[None])[0]
if password and ldap_check(self.name, password):
    return True, False
and
# And match (require non empty enc_password)
if enc_password and enc_password == data['enc_password']:
    # User password match - replace the user password in the
    # file with self.password
    data['enc_password'] = self.enc_password
    return True, True
to
# And match (require non empty enc_password)
if password and ldap_check(self.name, password):
    # User password match - replace the user password in the
    # file with self.password
    data['enc_password'] = self.enc_password
    return True, True
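This imports ldap_check from the ldap_check package and uses it to check the username/password combination. The first change is the real check; the second only replaces the branch that matches passwords in older encodings (not UTF-8). The second change is still required: if the LDAP password doesn't match, the older encodings are tried next, usually against the moin db, so without it a login that LDAP rejected could still succeed against the locally stored password. Both replacements keep the `if password and ...` guard, so an empty or missing password never reaches ldap_check. Keep that guard: if ldap_check authenticates with a simple bind, many LDAP servers accept an empty password as an anonymous bind and report success. Note also that the second branch still writes self.enc_password back to the user file. Check what that value holds in your version, because it may mean a hash of the LDAP password ends up stored in the moin db.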