Login | Register
My pages Projects Community openCollabNet

Discussions > issues > [Issue 26] New - SVNNotifier retries invalid passwords and locks account after server side pw svn change

svnnotifier
Discussion topic

Back to topic list

[Issue 26] New - SVNNotifier retries invalid passwords and locks account after server side pw svn change

Reply

Author lhaeger
Full name Lothar Haeger
Date 2015-01-08 02:05:02 PST
Message http://svnnotifier.t​igris.org/issues/sho​w_bug.cgi?id=26
                 Issue #|26
                 Summary|SVNNotifier retries invalid passwords and locks accoun
                        |t after server side pw svn change
               Component|svnnotifier
                 Version|current
                Platform|PC
              OS/Version|All
                     URL|
                  Status|NEW
       Status whiteboard|
                Keywords|
              Resolution|
              Issue type|DEFECT
                Priority|P1
            Subcomponent|code
             Assigned to|vlar
             Reported by|lhaeger






------- Additional comments from lhaeger at tigris dot org Thu Jan 8 02:05:02 -0800 2015 -------
We have SVN integrated with LDAP and a password policy forces a pw change every
90 days. Tortoise and all other SVN clients I know notify the user when a
locally saved password is not valid anymore and let the user enter a new
password to be used and saved.
SVNNotifier does not notify the user but retries with the old, known-incorrect
password again and again until the account gets finally locked by intruder
prevention on the LDAP server.

Please check for the return code on failed update attempts and either prompt the
user to enter a new password if the saved one failed authentication, or at least
stop retrying over and over again, so the account does not get locked (which
then prevents access to email, file&print, bugzille etc. too).

« Previous message in topic | 1 of 1 | Next message in topic »

Messages

Show all messages in topic

[Issue 26] New - SVNNotifier retries invalid passwords and locks account after server side pw svn change lhaeger Lothar Haeger 2015-01-08 02:05:02 PST
Messages per page: