LDAP and password protection


I'm implementing LDAP user authentication as in Enterprise Recipes With
Ruby and Rails and, according to the book, it is pretty simple, just as
follows:

require 'net/ldap'

class User
  BASE = 'dc=enterpriserecipes,dc=com'
  LDAP_USER = 'cn=root,dc=enterpriserecipes,dc=com'
  LDAP_PASSWORD = 't0p$ecret'

  # Look up the user's DN by e-mail using the service account,
  # then try to bind as that DN with the password the user supplied.
  def self.authenticate(email, password)
    email_filter = Net::LDAP::Filter.eq('mail', email)
    ldap_con = connect(LDAP_USER, LDAP_PASSWORD)
    dn = ''
    ldap_con.search(:base => BASE, :filter => email_filter) do |entry|
      dn = entry.dn
    end
    !dn.empty? and connect(dn, password).bind
  end

  # Build a connection that uses a simple (DN + password) bind.
  def self.connect(dn, password)
    Net::LDAP.new(
      :host => 'localhost',
      :port => 389,
      :auth => {
        :method => :simple,
        :username => dn,
        :password => password
      }
    )
  end
end

Therefore, this is not secure, since I can see the user password in
the authenticate method. Does anyone know a way to hide the password from
the developer, encrypting it or something?

Thanks for your time.
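
An added example, not part of the original post or the book: with a simple bind the application has to handle the plaintext password, so this sketch limits exposure around it by keeping the service-account password out of the source, keeping secrets out of `inspect` output, rejecting empty passwords, and building `Net::LDAP.new` options for LDAPS. The module name `LdapSettings`, the `Secret` wrapper and the environment variable names `LDAP_BIND_DN` / `LDAP_BIND_PASSWORD` are assumptions made for illustration.

```ruby
# Added example: settings helper for the User.connect method shown above.
module LdapSettings
  class ConfigError < StandardError; end

  # Wraps a secret so it is not printed by inspect/to_s (logs, error pages).
  class Secret
    def initialize(value)
      @value = value
    end

    def reveal
      @value
    end

    def inspect
      '#<Secret [FILTERED]>'
    end
    alias to_s inspect
  end

  # Service-account credentials come from the environment, not from constants
  # in the class (the variable names are assumptions).
  def self.service_credentials(env = ENV)
    dn = env['LDAP_BIND_DN'].to_s
    pw = env['LDAP_BIND_PASSWORD'].to_s
    raise ConfigError, 'LDAP_BIND_DN / LDAP_BIND_PASSWORD not set' if dn.empty? || pw.empty?
    [dn, Secret.new(pw)]
  end

  # A simple bind with an empty password is an unauthenticated bind
  # (RFC 4513, section 5.1.2) that many servers accept, so it must never
  # be treated as a successful login.
  def self.acceptable_user_password?(password)
    password.is_a?(String) && !password.empty?
  end

  # Options hash for Net::LDAP.new: LDAPS on 636 instead of cleartext 389.
  # The secret is revealed only here, right before it is handed to the library.
  def self.connection_options(dn, secret, host: 'localhost')
    {
      :host => host,
      :port => 636,
      :encryption => { :method => :simple_tls },
      :auth => { :method => :simple, :username => dn, :password => secret.reveal }
    }
  end
end
```

In `authenticate`, the check `acceptable_user_password?(password)` would run before `connect(dn, password).bind`, and the user-supplied password can be wrapped in `Secret` the same way until the bind.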