Addressed review comments

dali/server/daldap.cpp

@@ -117,12 +117,15 @@ class CDaliLdapConnection: implements IDaliLdapConnection, public CInterface
             return SecAccess_Full;
 
 
+        Owned<ISecUser> user;
         StringBuffer username;
         StringBuffer password;
         if (udesc)
         {
             udesc->getUserName(username);
             udesc->getPassword(password);
+            user.setown(ldapsecurity->createUser(username));
+            user->setAuthenticateStatus(AS_AUTHENTICATED);  // treat caller passing user as trusted
         }
         else
         {
@@ -131,6 +134,7 @@ class CDaliLdapConnection: implements IDaliLdapConnection, public CInterface
             // If no user was provided, try to use the default user
             if (disableFilesDefaultUser || filesdefaultuser.isEmpty())
             {
+                OWARNLOG("Default user missing or disabled, access denied for request %s %s", key, nullText(obj));
                 return SecAccess_None; // no access if no default user or disabled
             }
 
@@ -139,12 +143,10 @@ class CDaliLdapConnection: implements IDaliLdapConnection, public CInterface
             OWARNLOG("Missing credentials, injecting deprecated filesdefaultuser (%s) for request %s %s", filesdefaultuser.str(), key,
                      nullText(obj));
             logNullUser(nullptr);
+            user.setown(ldapsecurity->createUser(username));
+            user->credentials().setPassword(password);  // Force authentication of default user when used
         }
 
-        Owned<ISecUser> user = ldapsecurity->createUser(username);
-        user->credentials().setPassword(password);
-        //  user->setAuthenticateStatus(AS_AUTHENTICATED);  let normal user authentication take place
-
         SecAccessFlags perm = SecAccess_None;
         unsigned start = msTick();
         if (filescope)