### Eclipse Workspace Patch 1.0
#P moodle20
Index: lib/authlib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/authlib.php,v
retrieving revision 1.25
diff -u -r1.25 authlib.php
--- lib/authlib.php	1 Nov 2009 11:31:19 -0000	1.25
+++ lib/authlib.php	10 Nov 2009 15:29:45 -0000
@@ -31,12 +31,15 @@
 define('AUTH_OK',     0);
 
 /**
- * Returned when the login was unsuccessful.
+ * Returned when the login was unsuccessful. Other auth plugins are tried.
  */
 define('AUTH_FAIL',   1);
 
 /**
- * Returned when the login was denied (a reason for AUTH_FAIL).
+ * Returned when the login was denied, this indicates no other
+ * authentication plugins should be tried. UI displayes a different
+ * message which indicates username login failed. The failure should not
+ * depend on supplied password.
  */
 define('AUTH_DENIED', 2);
 
Index: lib/moodlelib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/moodlelib.php,v
retrieving revision 1.1261
diff -u -r1.1261 moodlelib.php
--- lib/moodlelib.php	7 Nov 2009 08:52:56 -0000	1.1261
+++ lib/moodlelib.php	10 Nov 2009 15:29:50 -0000
@@ -3508,9 +3508,12 @@
     foreach ($auths as $auth) {
         $authplugin = get_auth_plugin($auth);
 
-        // on auth fail fall through to the next plugin
-        if (!$authplugin->user_login($username, $password)) {
-            continue;
+        // on AUTH_FAIL (or 'false', for backward-compat) fall through to the next plugin
+        $rc = $authplugin->user_login($username, $password);
+        if ($rc === false or $rc === AUTH_FAIL) {
+	    	continue;
+        } elseif ($rc === AUTH_DENIED) {
+	    	return $rc;
         }
 
         // successful authentication
Index: login/index.php
===================================================================
RCS file: /cvsroot/moodle/moodle/login/index.php,v
retrieving revision 1.166
diff -u -r1.166 index.php
--- login/index.php	1 Nov 2009 12:13:30 -0000	1.166
+++ login/index.php	10 Nov 2009 15:29:50 -0000
@@ -92,7 +92,7 @@
     if (function_exists('weblink_auth')) {
         $user = weblink_auth($SESSION->wantsurl);
     }
-    if ($user) {
+    if (is_object($user)) {
         $frm->username = $user->username;
     } else {
         $frm = data_submitted();
@@ -135,7 +135,7 @@
     }
     update_login_count();
 
-    if ($user) {
+    if (is_object($user)) {
 
         // language setup
         if ($user->username == 'guest') {
@@ -226,9 +226,15 @@
         exit;
 
     } else {
-        if (empty($errormsg)) {
-            $errormsg = get_string("invalidlogin");
+        if ($user === AUTH_FAIL or $user === false) {
+            $errormsg = get_string('invalidlogin');
             $errorcode = 3;
+        } else if ($user === AUTH_DENIED) {
+            $errormsg = get_string('logindenied');
+            $errorcode = 5;
+        } else if ($user === AUTH_ERROR or empty($errormsg)) {
+            $errormsg = get_string('loginerror');
+            $errorcode = 6;
         }
 
         // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user
Index: lang/en_utf8/moodle.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lang/en_utf8/moodle.php,v
retrieving revision 1.262
diff -u -r1.262 moodle.php
--- lang/en_utf8/moodle.php	4 Nov 2009 07:23:19 -0000	1.262
+++ lang/en_utf8/moodle.php	10 Nov 2009 15:29:45 -0000
@@ -921,6 +921,8 @@
 $string['loginalready'] = 'You are already logged in';
 $string['loginas'] = 'Login as';
 $string['loginaspasswordexplain'] = '<p>You must enter the special \"loginas password\" to use this feature.<br />If you do not know it, ask your server administrator.</p>';
+$string['logindenied'] = 'Login denied.';
+$string['loginerror'] = 'Login error. Please contact your site administrator.';
 $string['loginguest'] = 'Login as a guest';
 $string['loginsite'] = 'Login to the site';
 $string['loginsteps'] = 'Hi! For full access to courses you\'ll need to take
Index: auth/nologin/auth.php
===================================================================
RCS file: /cvsroot/moodle/moodle/auth/nologin/auth.php,v
retrieving revision 1.5
diff -u -r1.5 auth.php
--- auth/nologin/auth.php	1 Nov 2009 11:55:16 -0000	1.5
+++ auth/nologin/auth.php	10 Nov 2009 15:29:43 -0000
@@ -36,7 +36,10 @@
      *
      */
     function user_login($username, $password) {
-        return false;
+        // give users a chance to guess what is wrong with their accounts.
+        // Change to AUTH_FAIL if you do not want to give any hints, we could add new
+        // plugin preference if needed.
+        return AUTH_DENIED;
     }
 
     /**