After GitLab Update to Version "14.1.2-ee" the user authenification over https is no longer possible?

Question

So far we have always checked out our Git repositories locally via SSH and on the webserver via HTTPS.

Since the GitLab update from August 3, 2021 to version "14.1.2-ee", we noticed that GIT no longer asks for the username and password of the GitLab user during "git push". The only way to push over HTTPS at this moment is to create and add a private token.

Is this a bug in the current version of GitLab or a feature? Is there a setting somewhere to define authentication via HTTPS like before the update?

Answer 1

PAT (Personal Access Token) are recommended with Git to authenticate over HTTP, and mandatory if 2FA has been activated.

That being said, It depends on

• what was your previous version of GitLab before this upgrade
• which authentication backend your on premise 14.1.2 GitLab server is using.

If it is LDAP, then this issue seems to be similar to gitlab-org/gitlab issue 337875:

LDAP integration generates masstiv amount of invalid logins

I have updated to Version 14.1.2 yesterday since then the are huge amounts of invalid logins via LDAP on the configured AD Controller.
This locks affected ad accounts. We have registered over 5000 failed log in events in the last 12h.

So check the server logs, and see if the affected accounts (that no longer manage to authenticate) are locked. (you can unlock one from command line, for testing).

---

The OP eckonator clarifies in the comments:

The error was not due to the update, but was activated CAPTCHA at the same time.

After disabling the CAPTCHA function, everything does again as usual.