So I am running into a problem. I basically implemented it as below,
but it doesn't work. I did three tests and watched the error log.
Test 1: Invalid User
Gives error "user adssad not found: /basic"
Test 2: Valid User, Invalid Pass
Gives error "user foo: authentication failure for "/basic": Password
Mismatch"
Test 3: Valid User, Valid Pass
Gives no error
But in all three cases the browser re prompts for authentication.... ideas?
-Eric
############ SVN Apache Config ####################
<VirtualHost *:80>
ServerName svn.<REMOVED>
ServerAdmin <REMOVED>
ServerAlias svn
DocumentRoot /var/www/svn
<Location />
# Uncomment this to enable the repository,
DAV svn
# Set this to the path to your repository
SVNPath /var/lib/svn
AuthType CAS
AuthName "Subversion Repository"
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
<Location /basic>
# Uncomment this to enable the repository,
DAV svn
# Set this to the path to your repository
SVNPath /var/lib/svn
AuthType Basic
AuthName "Subversion Repository"
AuthBasicProvider ldap
AuthLDAPURL
"ldap://127.0.0.1:389/<REMOVED>?uid?sub?(objectClass=*)"
AuthLDAPBindDN "<REMOVED>"
AuthLDAPBindPassword "<REMOVED>"
Require valid-user
</Location>
ErrorLog "| /usr/sbin/vlogger -e -s error.log -t
%Y-%m-%d-error.log -u www-logs -g www-data /var/log/apache2/svn"
</VirtualHost>
####################################################
Jehan PROCACCIA wrote:
> Eric Faden wrote:
>
>> What is the best way to get Apache 2.2, SVN, and CAS to place nice.
>> Currently I have AuthCAS set on the /svn directory, which "works" but
>> the clients get pissed off because /svn is a redirect to the cas
>> stuff.. What are people using for authenticating SVN with either CAS
>> or straight LDAP?
>>
>> -Eric
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
> I 've encountered the same probleme. Indeed CAS redirects work fine for
> browser but not for svn dedicated clients (like turtoise for example).
> for this I had to set 2 configurations in apache. One for turtoise with
> mod_ldap.so and mod_authnz_ldap.so, example:
> <Location "/svn/eph">
> DAV svn
> SSLRequireSSL
> SVNParentPath /svn/eph
> AuthzSVNAccessFile /svn/authz.eph
> #AuthzSVNAccessFile /svn/s2ia/tutu/conf/authz
> AuthType Basic
> AuthName "SVN mod_ldap"
> AuthBasicProvider ldap
> AuthLDAPURL
> "ldap://ldapserver.int-evry.fr:389/ou=people,dc=int-evry,dc=fr?uid?sub?(objectClass=*)"
> require valid-user
> </Location>
>
> and an other one for browsers with CAS, here is a sample with the
> "enhanced" svnwiew php program ( I had to disable CAS -> satisfy any,
> for templates which contains css and images and are not showing up with
> CAS as well :-( ) .
>
> <Directory /var/www/html/svnview-s2ia/templates>
> Order Allow,Deny
> Allow from all
> satisfy any
> </Directory>
> <Directory /var/www/html/svnview-s2ia>
> AuthType CAS
> AuthName "INT auth"
> Require valid-user
> #satisfy any
> </Directory>
>
> If someone has a better solution , I'll take it .
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
