29414ab043
We accept half a dozen different authentication mechanisms for Git over HTTP. Fairly high in the list we were checking user password, which would also query LDAP. In the case of LFS, OAuth tokens or personal access tokens, we were unnecessarily hitting LDAP when the authentication will not succeed. This was causing some LDAP/AD systems to lock the account. Now, user password authentication is the last mechanism tried since it's the most expensive.
4 lines
106 B
YAML
4 lines
106 B
YAML
---
|
|
title: Reduce hits to LDAP on Git HTTP auth by reordering auth mechanisms
|
|
merge_request: 8752
|
|
author:
|