Ladislav Gazo writes: > I have configured gitorious to use LDAP for authorization. I am able to log > in using the user. As a next step I wanted to upload SSH keys but my > profile is not accessible - Apache returns 403 - Access forbidden. It is > somehow weird because the admin account or an account created within > Gitorious (not LDAP account) works correctly. > > I have set use_ldap_authorization: true > > My LDAP tree looks like this: > > - dc=mycompany,dc=com > --- ou=People > ------ ou=Developers > ----------- uid=user1 > ----------- uid=user2 > ------ ou=Customers > ----------- uid=customer1 > ------ ou=Testers > ----------- uid=tester1 > > My groups are in: ou=Groups,dc=mycompany,dc=com ... e.g. > cn=developers,ou=Groups,dc=mycompany,dc=com > Members are identified by memberUid. > > Error from Apache log: (13)Permission denied: access to /~user1 denied, > referer: https://git.mycompany.com/
Ladislav, This error (13, Permission denied) is usually related to files/directories not being accessible for the user running the Apache process, could it be you're hitting Apache's userdir module here? http://httpd.apache.org/docs/2.2/mod/mod_userdir.html Gitorious' profile page URLs mimick normal user accounts on a UNIX/Apache server, so my guess is that Apache intercepts this as a request for the public_html (or equivalent) directory inside the home directory for the system user account user1. You should check if there are any UserDir directives in any of your Apache configuration files. If you're on a Debian-like system there's usually a `a2dismod` command you can use to disable a specific Apache module. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
