diff -uNr LDAPUserFolder/LDAPDelegate.py LDAPUserFolder-dirk/LDAPDelegate.py
--- LDAPUserFolder/LDAPDelegate.py	Thu Apr 14 22:42:23 2005
+++ LDAPUserFolder-dirk/LDAPDelegate.py	Mon Jun 27 22:28:24 2005
@@ -175,7 +175,7 @@
 
     def connect(self, bind_dn='', bind_pwd=''):
         """ initialize an ldap server connection """
-        if bind_dn != '':
+        if bind_dn != '' and bind_pwd != '__ssoticket__':
             user_dn = bind_dn
             user_pwd = bind_pwd or '~'
         elif self.binduid_usage == 1:
diff -uNr LDAPUserFolder/LDAPUserFolder.py LDAPUserFolder-dirk/LDAPUserFolder.py
--- LDAPUserFolder/LDAPUserFolder.py	Sat Apr 16 16:28:16 2005
+++ LDAPUserFolder-dirk/LDAPUserFolder.py	Mon Jun 27 22:54:18 2005
@@ -810,6 +810,14 @@
         if super and name == super.getUserName():
             user = super
         else:
+            if password == '__ssoticket__':
+                #print "password __ssoticket__ not allowed"
+		return None
+            if password[:14] == '__ssoticket__=':
+		password, hash = password.split('=')
+		if not request.SESSION.has_key(hash):
+                    #print "validated TicketInfo is missing"
+		    return None
             user = self.getUser(name, password)
 
         if user is not None: