############################# PROBLEM DESCRIPTION STARTS #############################
*1. Goal*: To use VisualSVN's apache to host a domain authenticated CGI application/script (ViewVC-1.1.22). *2. Current Environment*: - Windows Server 2003 x64 Standard Edition - VisualSVN-Server-2.1.2, installed under a domain admin account and runs as a Network Logon service. - Multiple repositories are hosted for years and VisualSVN authenticates against AD just fine. Here is a sample working repo URL, https://svn.domain.com/svn/repo1. *3. Changes made to achieve the goal without Domain authentication*: - Added a compatible "Apache/2.2.13 (Win32)" CGI module mod_cgi.so to VisualSVN Server's bin/. - Added the following to httpd_custom.conf LoadModule cgi_module bin/mod_cgi.so ScriptAlias /viewvc "E:\path\to\script\viewvc.cgi" - Restarted VisualSVN server. - Accessing https://svn.domain.com/svn/repo1 asks for authentication and works perfectly fine. - Accessing https://svn.domain.com/viewvc works perfectly fine. No issues whatsoever. *4. Changes made to achieve the goal with Domain authentication*: *4.1. Using VisualSVN's native authentication module* - Added the following to httpd_custom.conf LoadModule cgi_module bin/mod_cgi.so ScriptAlias /viewvc "C:\path\to\script\viewvc.cgi" <Location /viewvc> AuthName "ViewVC Authentication" AuthType VisualSVN AuthzVisualSVNAccessFile "E:/path/to/svnaccessfile/authz-windows" AuthnVisualSVNBasic on AuthnVisualSVNIntegrated on AuthnVisualSVNUPN Off BrowserMatch "(\s|^)neon/0.\d+.\d+(\s|$)" AuthnVisualSVNIgnoreReauth BrowserMatch "(\s|^)neon/0.\d+.\d+(\s|$)" AuthnVisualSVNDisableNegotiate require valid-user </Location> - Restarted VisualSVN server. - Accessing https://svn.domain.com/svn/repo1 asks for authentication and works perfectly fine. - Accessing https://svn.domain.com/viewvc asks for authentication. Upon authentication it displays the following message. "Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log." - There is nothing in the VisualSVN/Server event logs that give a clue about the error. *4.2. Using Apache's native authentication modules (mod_ldap.so and mod_authnz_ldap.so)* - Added a compatible "Apache/2.2.13 (Win32)" LDAP modules mod_ldap.so and mod_authnz_ldap.so to VisualSVN Server's bin/. - Added the following to httpd_custom.conf, after reviewing with the Windows Domain Administrator. LoadModule cgi_module bin/mod_cgi.so LoadModule ldap_module bin/mod_ldap.so LoadModule authnz_ldap_module bin/mod_authnz_ldap.so ScriptAlias /viewvc "C:\path\to\script\viewvc.cgi" <Location /viewvc> AuthType Basic AuthName "ViewVC Authentication" AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPUrl ldap://ldapserver.domain.com:389/ou=Users,dc=domain,dc=com?uid AuthLDAPBindDN "cn=SomeAdmin,ou=Users,dc=domain,dc=com" AuthLDAPBindPassword SomeAdminPassword require valid-user </Location> - Restarted VisualSVN server. - Accessing https://svn.domain.com/svn/repo1 asks for authentication and works perfectly fine. - Accessing https://svn.domain.com/viewvc asks for authentication. Upon authentication it displays the following message. "Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log." - There is nothing in the VisualSVN/Server event logs that give a clue about the error. ############################# PROBLEM DESCRIPTION ENDS ############################# *Note*: I tried replicating the same scenario as in section 4.1 on a Windows XP workstation (same versions of VisualSVN and ViewVC installed) thats not bound to any domain. Authenticating against local windows users on the machine works perfectly fine for both /viewvc and /svn/repo1 applications. So something seems to be happening when domain authentication comes into picture. I am sure there are other ways of making /viewvc accessible, but would like to make use of existing VisualSVN Server's apache. Could you please help me out with what could be going wrong here? VisualSVN's apache definitely makes available /viewvc without authentication, the problem is only when domain authentication is enabled. -- You received this message because you are subscribed to the Google Groups "VisualSVN" group. To unsubscribe from this group and stop receiving emails from it, send an email to visualsvn+unsubscr...@googlegroups.com. To post to this group, send email to visualsvn@googlegroups.com. Visit this group at http://groups.google.com/group/visualsvn. For more options, visit https://groups.google.com/d/optout.
