Thanks. Committed with some minor stylistic changes as r1735.
Make sure that all errors are handled explicitly to be able to perform chained authentications
Review Request #730 — Created Jan. 31, 2009 and submitted
|Review Board SVN (deprecated)|
If an exception goes uncaught out of LDAPBacked.authenticate() function, the caller side (django.contrib.auth.authenticate()) doesn't catch it and thus stops processing of authenticating backends chain. So e.g. a locally created 'admin' user isn't able to login at all (the LDAP search returns nothing so accessing of search generates IndexError and voila -- after switching to LDAP-based authentication admin can't login and can't grant a LDAP user administrative permissions)