[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2

From: Andrew Arnott <andrewarnott_at_gmail.com>
Date: 2005-06-23 14:08:19 CEST

On 6/23/05, Clint Stotesbery <cstotes@hotmail.com> wrote:
>
> Same platform as you but I only had upgraded Apache to 2.0.54 and the ldap
> module would make Apache hang indefinately. I can't quite remember what I
> did to fix it. Can you shutdown Apache cleanly with the ldap modules
> LoadModule statements uncommented?

With the LDAP modules uncommented? Yes. They are uncommented now, if I
understand you correctly, and I can shutdown Apache just fine.

----Original Message Follows----
> From: Andrew Arnott <andrewarnott@gmail.com>
> Reply-To: Andrew Arnott <andrewarnott@gmail.com>
> To: users@subversion.tigris.org
> Subject: RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
> Date: Wed, 22 Jun 2005 20:24:10 -0600
>
> Sorry. I was patting myself on the head for including the apache
> configuration, and neglected to even specify the platform. So here goes
> repentence... Thanks again for helping...
>
> It's Windows 2003 Server, and I upgraded to the Apache 2.0.54 binary that
> is
> downloadable from Apache's web site. Subversion also was the Windows
> binary
> from Subversion's site.
>
> No, I did not recompile anything. SVN 1.2 came with mod_authz_svn.so and
> mod_dav_svn.so, which I copied into Apache's modules directory, over the
> SVN
> 1.1.1 versions that were there previously. For my last setup (with prior
> versions of SVN and Apache), this was all that was necessary.
>
> These are the logs that Apache gives right after a crash:
> access.log:
> 128.187.130.114 <http://128.187.130.114> <http://128.187.130.114> - -
> [22/Jun/2005:20:24:03 -0600]
> "GET / HTTP/1.1" 401 495
>
> error.log:
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2 SVN/1.2.0
> configured -- resuming normal operations
> [Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
> [Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is running
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start mutex.
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250 worker
> threads.
> [Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited with
> status
> 3221225477 -- Restarting.
>
>
> On 6/22/05, Frank Gruman <fgatwork@verizon.net> wrote:
> >
> > Silly questions -
> >
> > Did you recompile the ldap modules with Apache?
> > If you look in the Apache error logs, what is being thrown in there?
> >
> > If you let us know the steps you took to 'upgrade' Apache and
> Subversion,
> > it will help.
> >
> > Regards,
> > Frank
> >
> > Andrew Arnott wrote:
> >
> > Thanks for reading. I really enjoy using SVN and you developers are
> doing
> > great work. I just have a problem with LDAP authentication since
> upgrading
> > to your latest and greatest SVN 1.2, and hope you have seen the problem
> > before and can help me out.
> >
> > I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> > configuration was using LDAP authentication so that anyone to access the
> > repository had to authenticate to the LDAP. It worked very nicely. When
> > upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54, which I
> > did. Then I installed SVN 1.2. Now every time I try to access the
> > repository I get the authentication box, but when I fill in my
> credentials
> > and click OK, Apache crashes on the server, and the client gets nothing.
> > Nothing else has changed but the Apache and SVN versions. Can you help?
> >
> > Here is my relevant Apache configuration:
> >
> > LoadModule ldap_module modules/util_ldap.so
> > LoadModule auth_ldap_module modules/mod_auth_ldap.so
> > LoadModule dav_module modules/mod_dav.so
> > LoadModule dav_svn_module modules/mod_dav_svn.so
> > LoadModule authz_svn_module modules/mod_authz_svn.so
> >
> > <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80> <
> http://128.187.130.114:80>>
> > ServerAdmin AndrewArnott@byu.edu
> > DocumentRoot "c:/Subversion Repositories"
> > ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu> <
> http://fhsssvn.byu.edu>
> >
> > <Location />
> > DAV svn
> > SVNPath "c:/Subversion Repositories/fhss"
> > AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
> >
> > # try anonymous access first, resort to real
> > # authentication if necessary.
> > Satisfy Any
> >
> > # how to authenticate a user
> > AuthType Basic
> > AuthName "Subversion repository"
> >
> > # Of the two authentication modes below, the BYU LDAP is the
> > # best usually because it means each developer signs in with
> > # their own Route Y Net ID and password.
> > # Sometimes the BYU LDAP is down, and we must redirect
> > # authentication to our own devices. To swap modes, swap
> > # which line below is commented out.
> >
> > AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> > # AuthUserFile "C:/Subversion
> > Repositories/fhss-svn-auth-file-passwords-LDAPdown"
> >
> > # The fhss-svn-auth-file worries about who gets what access
> > # require user ala55 atb32 dcp22
> > require valid-user
> > </Location>
> > </VirtualHost>
> >
> > --
> > Andrew Arnott
> > Web Developer
> > Brigham Young University
> > "Men stumble over the truth from time to time, but most pick themselves
> up
> > and hurry off as if nothing happened." -WC
> >
> >
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves up
> and hurry off as if nothing happened." -WC
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves up
> and hurry off as if nothing happened." -WC
>
>
>

-- 
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up 
and hurry off as if nothing happened." -WC
Received on Thu Jun 23 14:10:55 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.