The question relates to to either Apache, or the ActiveDirectory configuration, not Subversion, from the looks of it.

The mailing lists for httpd will probably be able to give better advice more quickly.

Eric.


On Mon, May 21, 2018 at 2:41 PM, Paul Nguyen <paultnguyen@hotmail.com> wrote:

I’m running SVN 1.9.3 (r1718519), on Ubuntu 16-04 with Server version: Apache/2.4.18 (Ubuntu).

Problem is when a user failed 3 times with his password, the account doesn’t get locked but it keeps prompting. It looks like it authenticates against every single file in the path of the repo that user wants to access.

The apache.conf:


<VirtualHost *:80>

  ServerName <server name>

  ErrorLog /var/log/svn/docs_LDAP_error.log

  CustomLog /var/log/svn/docs_LDAP_access.log common

  <Location />

    DAV svn

    SVNPath /var/svnrepo/docs

    ##LDAP

     AuthName "docs Repo - Active Directory Authentication"

    AuthBasicProvider ldap

    AuthType Basic

    AuthLDAPGroupAttribute member

    AuthLDAPGroupAttributeIsDN On

    AuthLDAPURL "ldap://<ldap server>:389/cn=Users,dc=chp,dc=com?sAMAccountName?sub?(objectClass=*)"

    AuthLDAPBindDN "app_subversion@chp.com"

    AuthLDAPBindPassword "<password>"

    require valid-user

    ##

    RequestHeader edit Destination ^https: http: early

    AuthzSVNAccessFile /var/svnrepo/auth/docs-subdomain

    SetInputFilter DEFLATE

    SetOutputFilter DEFLATE

    SVNIndexXSLT /.chp/svnindex.xsl

  </Location>

</VirtualHost>


Is there a way to lock out an user account after 3 failed attempts as it's supposed to ?

Thanks,
Paul