include::../common/rationale.adoc[]

== Why is this an issue?

include::../common/description.adoc[]

=== What is the potential impact?

include::../common/impact.adoc[]

== How to fix it
 
=== Code examples

include::../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,python,diff-id=1,diff-type=noncompliant]
----
import ldap

def init_ldap():
   connect = ldap.initialize('ldap://example:1389')

   connect.simple_bind('cn=root') # Noncompliant
   connect.simple_bind_s('cn=root') # Noncompliant
   connect.bind_s('cn=root', None) # Noncompliant
   connect.bind('cn=root', None) # Noncompliant
----


==== Compliant solution

[source,python,diff-id=1,diff-type=compliant]
----
import ldap
import os

def init_ldap():
   connect = ldap.initialize('ldap://example:1389')

   connect.simple_bind('cn=root', os.environ.get('LDAP_PASSWORD'))
   connect.simple_bind_s('cn=root', os.environ.get('LDAP_PASSWORD'))
   connect.bind_s('cn=root', os.environ.get('LDAP_PASSWORD'))
   connect.bind('cn=root', os.environ.get('LDAP_PASSWORD'))
----

//=== How does this work?

//=== Pitfalls

//=== Going the extra mile


== Resources
//=== Documentation

include::../common/resources/documentation.adoc[]

//=== Articles & blog posts
//=== Conference presentations
//=== Standards

include::../common/resources/standards.adoc[]

//=== Benchmarks

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

=== Message

Provide a password when authenticating to this LDAP server.


include::../highlighting.adoc[]

endif::env-github,rspecator-view[]