The question relates to to either Apache, or the ActiveDirectory
configuration, not Subversion, from the looks of it.
The mailing lists for httpd will probably be able to give better advice
more quickly.
Eric.
On Mon, May 21, 2018 at 2:41 PM, Paul Nguyen <paultnguyen_at_hotmail.com>
wrote:
> I’m running SVN 1.9.3 (r1718519), on Ubuntu 16-04 with Server version:
> Apache/2.4.18 (Ubuntu).
>
> Problem is when a user failed 3 times with his password, the account
> doesn’t get locked but it keeps prompting. It looks like it authenticates
> against every single file in the path of the repo that user wants to access.
>
> The apache.conf:
>
>
> <VirtualHost *:80>
>
> ServerName <server name>
>
> ErrorLog /var/log/svn/docs_LDAP_error.log
>
> CustomLog /var/log/svn/docs_LDAP_access.log common
>
> <Location />
>
> DAV svn
>
> SVNPath /var/svnrepo/docs
>
> ##LDAP
>
> AuthName "docs Repo - Active Directory Authentication"
>
> AuthBasicProvider ldap
>
> AuthType Basic
>
> AuthLDAPGroupAttribute member
>
> AuthLDAPGroupAttributeIsDN On
>
> AuthLDAPURL "ldap://<ldap server>:389/cn=Users,dc=chp,
> dc=com?sAMAccountName?sub?(objectClass=*)"
>
> AuthLDAPBindDN "app_subversion_at_chp.com"
>
> AuthLDAPBindPassword "<password>"
>
> require valid-user
>
> ##
>
> RequestHeader edit Destination ^https: http: early
>
> AuthzSVNAccessFile /var/svnrepo/auth/docs-subdomain
>
> SetInputFilter DEFLATE
>
> SetOutputFilter DEFLATE
>
> SVNIndexXSLT /.chp/svnindex.xsl
>
> </Location>
>
> </VirtualHost>
>
> Is there a way to lock out an user account after 3 failed attempts as it's
> supposed to ?
>
> Thanks,
> Paul
>
Received on 2018-05-22 18:11:07 CEST