diff --git a/pkg/modules/auth/ldap/ldap.go b/pkg/modules/auth/ldap/ldap.go index c4c1828ac..c6eb73e91 100644 --- a/pkg/modules/auth/ldap/ldap.go +++ b/pkg/modules/auth/ldap/ldap.go @@ -18,6 +18,7 @@ package ldap import ( "crypto/tls" + "errors" "fmt" "strings" @@ -153,6 +154,11 @@ func AuthenticateUserInLDAP(s *xorm.Session, username, password string) (u *user // Bind as the user to verify their password err = l.Bind(userdn, password) if err != nil { + var lerr *ldap.Error + if errors.As(err, &lerr) && lerr.ResultCode == ldap.LDAPResultInvalidCredentials { + return nil, user.ErrWrongUsernameOrPassword{} + } + return }