Comment 2 for bug 711770

Revision history for this message
Valentijn Sessink (valentijn) wrote :

"Ignoring everything, except success" is the security issue.
I don't have anything against trying all modules, nor do I think that the "one succeeding module" is a security issue per se. But ignoring blatant errors, locked out users, wrong and/or expired passwords, that is a security issue.

May I kindly ask you to reconsider the "ignoring" part? After that, please feel free to ignore this bug report as well ;-)