1 files changed, 9 insertions, 3 deletions

diff --git a/keystone/identity/backends/ldap.py b/keystone/identity/backends/ldap.py
index 7f5cedc3..91ea1e41 100644
--- a/keystone/identity/backends/ldap.py
+++ b/keystone/identity/backends/ldap.py
@@ -19,6 +19,7 @@ import uuid
 import ldap
 
 from keystone import clean
+from keystone.common import dependency
 from keystone.common import ldap as common_ldap
 from keystone.common import logging
 from keystone.common import models
@@ -38,6 +39,7 @@ DEFAULT_DOMAIN = {
 }
 
 
+@dependency.requires('assignment_api')
 class Identity(identity.Driver):
     def __init__(self):
         super(Identity, self).__init__()
@@ -52,7 +54,7 @@ class Identity(identity.Driver):
     def create_project(self, project_id, project):
         return self.assignment_api.create_project(project_id, project)
 
-    def authenticate(self, user_id=None, password=None):
+    def authenticate(self, user_id, password):
         try:
             user_ref = self._get_user(user_id)
         except exception.UserNotFound:
@@ -77,7 +79,8 @@ class Identity(identity.Driver):
         return self.assignment_api._set_default_domain(ref)
 
     def list_users(self):
-        return self.assignment_api._set_default_domain(self.user.get_all())
+        return (self.assignment_api._set_default_domain
+                (self.user.get_all_filtered()))
 
     def get_user_by_name(self, user_name, domain_id):
         self.assignment_api._validate_default_domain_id(domain_id)
@@ -181,7 +184,7 @@ class Identity(identity.Driver):
         for user_dn in self.group.list_group_users(group_id):
             user_id = self.user._dn_to_id(user_dn)
             try:
-                users.append(self.user.get(user_id))
+                users.append(self.user.get_filtered(user_id))
             except exception.UserNotFound:
                 LOG.debug(_("Group member '%(user_dn)s' not found in"
                             " '%(group_id)s'. The user should be removed"
@@ -264,6 +267,9 @@ class UserApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap):
         user = self.get(user_id)
         return identity.filter_user(user)
 
+    def get_all_filtered(self):
+        return [identity.filter_user(user) for user in self.get_all()]
+
 
 class GroupApi(common_ldap.BaseLdap):
     DEFAULT_OU = 'ou=UserGroups'