I’m running SVN 1.9.3 (r1718519), on Ubuntu 16-04 with Server version: Apache/2.4.18 (Ubuntu).
Problem is when a user failed 3 times with his password, the account doesn’t get locked but it keeps prompting. It looks like it authenticates against every single file in the path of the repo that user wants to access.
The apache.conf:
<VirtualHost *:80>
ServerName <server name>
ErrorLog /var/log/svn/docs_LDAP_error.log
CustomLog /var/log/svn/docs_LDAP_access.log common
<Location />
DAV svn
SVNPath /var/svnrepo/docs
##LDAP
AuthName "docs Repo - Active Directory Authentication"
AuthBasicProvider ldap
AuthType Basic
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN On
AuthLDAPURL "ldap://<ldap server>:389/cn=Users,dc=chp,dc=com?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "app_subversion_at_chp.com"
AuthLDAPBindPassword "<password>"
require valid-user
##
RequestHeader edit Destination ^https: http: early
AuthzSVNAccessFile /var/svnrepo/auth/docs-subdomain
SetInputFilter DEFLATE
SetOutputFilter DEFLATE
SVNIndexXSLT /.chp/svnindex.xsl
</Location>
</VirtualHost>
Is there a way to lock out an user account after 3 failed attempts as it's supposed to ?
Thanks,
Paul
Received on 2018-05-22 08:42:00 CEST