httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andre Schild" <>
Subject Antw: [users@httpd] mod_auth_ldap
Date Fri, 12 Dec 2003 21:56:20 GMT

>We are using the following configuration:
>1. Apache 2.0.48
>2. /httpd-2.0.48/modules/experimental/mod_auth_ldap.c
>3. Authenticating against a Domino 5 ldap server

>2. If the authentication fails on the user's first try the second try will
>not work until 15 seconds have passed.

We use the ldap module with netware NDS and we see another
When a user has the correct password, then it is allowd in.
When the user gives a wrong password, the LDAP Server waits
5-10 seconds until it says NO. NDS does this to prevent brute force
attacks. (In addition to the the intruder detection logic)

I could think that the Domino server has this 15 sec. wait for the next try
to protect the account from brute force attacks.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message