This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author secynic
Recipients secynic
Date 2016-09-27.21:23:08
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1475011388.29.0.32013326397.issue28291@psf.upfronthosting.co.za>
In-reply-to
Content 
urllib/urllib2 AbstractDigestAuthHandler is hardcoded to 5 retries (self.retried). Normally this wouldn't be an issue.

Certain products link basic HTTP auth to Active Directory (yes, this shouldn't be a thing). When you have a failed login attempt lockout set on AD, this will lockout accounts on the very first failed Python basic auth attempt, if the AD lockout is set to 5 or less.

In my specific use case, I was able to override request.HTTPBasicAuthHandler.__init__() and request.HTTPBasicAuthHandler.reset_retry_count() by setting self.retried=5. One way to fix this would be to add a new retry_count argument to AbstractDigestAuthHandler.

I am a bit busy at the moment, but will submit a patch as soon as I get time.
History
Date User Action Args
2016-09-27 21:23:08secynicsetrecipients: + secynic
2016-09-27 21:23:08secynicsetmessageid: <1475011388.29.0.32013326397.issue28291@psf.upfronthosting.co.za>
2016-09-27 21:23:08secyniclinkissue28291 messages
2016-09-27 21:23:08secyniccreate