Allow disabling LDAP password authentication to Git over HTTP(S)

Description

In my GitLab deployment I have unchecked the option for "Password authentication enabled for Git over HTTP(S)". However, I did not read the fine print that says: "When disabled, a Personal Access Token or LDAP password must be used to authenticate."

For me this defeats the purpose of the setting. All my users sign in via LDAP, but because they use their LDAP passwords for many other purposes, I would like to limit them from using them for Git authentication; and instead force them to use access tokens and no passwords whatsoever.

Proposal

Either change the semantics of this option to disable use of any kind of password other than generated access tokens, or perhaps a more fine-grained selection as to what authentication backends are allowed for Basic Auth on Git repository access (e.g. allow selecting zero or more of "local password", "LDAP password", "token", etc.)