You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Paul Nguyen <pa...@hotmail.com> on 2018/05/21 21:41:28 UTC
LDAP authenticate problem
I’m running SVN 1.9.3 (r1718519), on Ubuntu 16-04 with Server version: Apache/2.4.18 (Ubuntu).
Problem is when a user failed 3 times with his password, the account doesn’t get locked but it keeps prompting. It looks like it authenticates against every single file in the path of the repo that user wants to access.
The apache.conf:
<VirtualHost *:80>
ServerName <server name>
ErrorLog /var/log/svn/docs_LDAP_error.log
CustomLog /var/log/svn/docs_LDAP_access.log common
<Location />
DAV svn
SVNPath /var/svnrepo/docs
##LDAP
AuthName "docs Repo - Active Directory Authentication"
AuthBasicProvider ldap
AuthType Basic
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN On
AuthLDAPURL "ldap://<ldap server>:389/cn=Users,dc=chp,dc=com?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "app_subversion@chp.com"
AuthLDAPBindPassword "<password>"
require valid-user
##
RequestHeader edit Destination ^https: http: early
AuthzSVNAccessFile /var/svnrepo/auth/docs-subdomain
SetInputFilter DEFLATE
SetOutputFilter DEFLATE
SVNIndexXSLT /.chp/svnindex.xsl
</Location>
</VirtualHost>
Is there a way to lock out an user account after 3 failed attempts as it's supposed to ?
Thanks,
Paul
Re: LDAP authenticate problem
Posted by Eric Johnson <er...@tibco.com>.
The question relates to to either Apache, or the ActiveDirectory
configuration, not Subversion, from the looks of it.
The mailing lists for httpd will probably be able to give better advice
more quickly.
Eric.
On Mon, May 21, 2018 at 2:41 PM, Paul Nguyen <pa...@hotmail.com>
wrote:
> I’m running SVN 1.9.3 (r1718519), on Ubuntu 16-04 with Server version:
> Apache/2.4.18 (Ubuntu).
>
> Problem is when a user failed 3 times with his password, the account
> doesn’t get locked but it keeps prompting. It looks like it authenticates
> against every single file in the path of the repo that user wants to access.
>
> The apache.conf:
>
>
> <VirtualHost *:80>
>
> ServerName <server name>
>
> ErrorLog /var/log/svn/docs_LDAP_error.log
>
> CustomLog /var/log/svn/docs_LDAP_access.log common
>
> <Location />
>
> DAV svn
>
> SVNPath /var/svnrepo/docs
>
> ##LDAP
>
> AuthName "docs Repo - Active Directory Authentication"
>
> AuthBasicProvider ldap
>
> AuthType Basic
>
> AuthLDAPGroupAttribute member
>
> AuthLDAPGroupAttributeIsDN On
>
> AuthLDAPURL "ldap://<ldap server>:389/cn=Users,dc=chp,
> dc=com?sAMAccountName?sub?(objectClass=*)"
>
> AuthLDAPBindDN "app_subversion@chp.com"
>
> AuthLDAPBindPassword "<password>"
>
> require valid-user
>
> ##
>
> RequestHeader edit Destination ^https: http: early
>
> AuthzSVNAccessFile /var/svnrepo/auth/docs-subdomain
>
> SetInputFilter DEFLATE
>
> SetOutputFilter DEFLATE
>
> SVNIndexXSLT /.chp/svnindex.xsl
>
> </Location>
>
> </VirtualHost>
>
> Is there a way to lock out an user account after 3 failed attempts as it's
> supposed to ?
>
> Thanks,
> Paul
>