Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Configure LDAP with SVN on Apache 2.2 on Linux |
|
| Author |
|
hujirong
Joined: 24 Sep 2013
Posts: 1
Location: Canada
|
 Posted: Tue 24 Sep '13 19:28 Post subject: Configure LDAP with SVN on Apache 2.2 on Linux |
 |
|
Hi All
I want to setup LDAP authentication for my SVN. This is my platform:
Linux 2.6.32-358.18.1.el6.x86_64 x86_64
Apache/2.2.15 (Red Hat) Server
svn, version 1.6.11 (r934486)
I can switch to userid/password authentication with no issue to access SVN repos, but can't make the LDAP authentication work. It didn't prompt for userid and password! If I took out "Satisfy Any", then I got an "Internal Server Error".
Can you guys tell me how to troubleshoot this problem? I spent two days trying everything I can find from the Internet.
There is a bug very close to my situation but we are using port 389 and set LDAPVerifyServerCert Off also doesn’t resolve my issue: https://issues.apache.org/bugzilla/show_bug.cgi?id=50630
Here is my subversion.conf, which is included into httpd.conf.
| Code: | DAV svn
SVNParentPath /var/www/svn
SVNListParentPath on
SVNAutoversioning on SVNReposName "BMO Subversion Repository"
AuthType Basic
AuthName "office.adroot.bmogc.net"
# LDAP
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN "CN=svnldapuser,OU=Service Accounts,OU=Domain Administration,DC=office,DC=adroot,DC=bmogc,DC=net" AuthLDAPBindPassword "1BmoPa99wordL"
AuthLDAPURL "ldap://office.adroot.bmogc.net:389/DC=office,DC=adroot,DC=bmogc,DC=net?sAMAccountName?sub"
#AuthUserFile /etc/svn-auth-conf
#AuthzSVNAccessFile /etc/svn-acl-conf
Require valid-user
Satisfy Any
Here are the some logs during the debug:
[Mon Sep 23 15:25:05 2013] [debug] mod_auth_vas.c(1839): [mod_auth_vas] get_server_creds: using def ault HTTP.keytab
[Mon Sep 23 15:25:05 2013] [debug] mod_auth_vas.c(1856): [mod_auth_vas] Successfully established cre dentials for HTTP/
[Mon Sep 23 15:25:06 2013] [debug] mod_auth_vas.c(2001): [mod_auth_vas] Successfully authenticated a s HTTP/ using the default HTTP.ketyab [Mon Sep 23 15:25:06 2013] [info] Init: Seeding PRNG with 256 bytes of entropy
[Mon Sep 23 15:25:06 2013] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Mon Sep 23 15:25:06 2013] [info] Init: Generating temporary DH parameters (512/1024 bits) |
The only thing I am not sure is I found this in our | Code: | JIRA LDAP integration: User Object Filter: (&(objectCategory=Person)(memberof=CN=ccusers,OU=U NIX Security Groups,OU=CTD_CM_RMG,OU=Corporate Clients V2,DC=office,DC=adroot,DC=bmogc,DC=net))
Group Object Filter: (&(objectCategory=Group)(sAMAccountName=)) |
|
|
| Back to top |
|
|
|
|
|
|
