From 14afa4ea926ad939a979dd45f46e1df7328e94c2 Mon Sep 17 00:00:00 2001
From: Bradley Nicholes <bnicholes@apache.org>
Date: Wed, 18 Sep 2002 23:38:30 +0000
Subject: [PATCH] If the user passed invalid credentials (user id or password)
 and auth_ldap is authoritative, allow the user to retry.  This is consistent
 with the other auth modules.  It previously only allowed a retry if the
 password was invalid.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96893 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/experimental/mod_auth_ldap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/experimental/mod_auth_ldap.c b/modules/experimental/mod_auth_ldap.c
index d1e79b78bf..357ae9866d 100644
--- a/modules/experimental/mod_auth_ldap.c
+++ b/modules/experimental/mod_auth_ldap.c
@@ -280,12 +280,12 @@ int mod_auth_ldap_check_user_id(request_rec *r)
                       "[%d] auth_ldap authenticate: "
                       "user %s authentication failed; URI %s [%s][%s]",
 		      getpid(), r->user, r->uri, ldc->reason, ldap_err2string(result));
-        if (LDAP_INVALID_CREDENTIALS == result) {
+        if ((LDAP_INVALID_CREDENTIALS == result) || sec->auth_authoritative) {
             ap_note_basic_auth_failure(r);
             return HTTP_UNAUTHORIZED;
         }
         else {
-            return sec->auth_authoritative? HTTP_UNAUTHORIZED: DECLINED;
+            return DECLINED;
         }
     }
 
-- 
2.50.1