The BasicAuthenticationFilter returns status code 401 for a failed authentication (wrong password), but it should return status code 403 instead.
I would expect a 401 for bad username/password, or a 403 for user correctly authenticated but does not have access to the requested resource.
Possible fix 6e979b05.
Could you please test the following version:
Hi, After this I can no longer authenticate using ldap with the syntax:
git clone http://my-ldap-login@scm-server/repo.git
it just tells me "403" and the log says "password is null/invalid" (or something like that, sorry had to revert so lost the logs)
I also tried to enable this option: https://bitbucket.org/sdorra/scm-manager/commits/8da3a30b13decc08e7adbdb3985363652a8bafe3
but it didnt make any diff.
Any idea @Sebastian Sebastian ?
I've created an new issue for that problem: