diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 2b1c92494..885571d88 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -69,14 +69,15 @@ class ApplicationController < ActionController::Base
 #    puts params.inspect
 
     # check http basic auth
-    authenticate_with_http_basic do |user, password|
+    authenticate_with_http_basic do |username, password|
       puts 'http basic auth check'
-      userdata = User.lookup( :login => user )
+      userdata = User.lookup( :login => username )
       message = ''
       if !userdata
         message = 'authentication failed, user'
       else
-        if password != userdata.password
+        success = User.authenticate( username, password )
+        if !success
           message = 'authentication failed, pw'
         end
       end