-------------------
* Fix `33`_: Reject empty passwords by default.
Unless :setting:`AUTH_LDAP_PERMIT_EMPTY_PASSWORD` is set to True,
LDAPBackend.authenticate() will immediately return None if the password is
empty. This is technically backwards-incompatible, but it's a more secure
default for those LDAP servers that are configured such that binds without
passwords always succeed.
* Fix `39`_: Add support for pickling LDAP-authenticated users.
.. _33: https://bitbucket.org/psagers/django-auth-ldap/issue/33/
.. _39: https://bitbucket.org/psagers/django-auth-ldap/issue/39/
.. vim: ft=rst nospell tw=80