> Van: Michael Tang [mailto:tang_at_phy.ccnu.edu.cn]
> Hello All,
> I have setup SSL secured connections (https) for my Subversion and
> https works well. Now, I am trying to set authentication with a
> Windows Domain with SSPI. But after I set up SSPI, the
> authorization (Windows Domain userid and password) only valid for
> http. For https, No authorization need and anyone can access
> According to document (
> serversetup-apache.html#tsvn-serversetup-apache-6), The SSPI
> authentication is only enabled for SSL secured connections(https).
> What is wrong in my configuration?
> I only added /changed some contents in httpd.conf for SSPI below,
> LoadModule sspi_auth_module modules/mod_auth_sspi.so
> LoadModule dav_fs_module modules/mod_dav_fs.so
> SSPIAuth On
> SSPIAuthoritative On
> SSPIDomain DOMAIN_NAME
> SSPIOfferBasic On
> and changed
> AuthType from 'Basic' to 'SSPI'
> AuthzSVNAccessFile from 'basic_auth_file' to 'SSPI_auth_file'.
> and other setting has not been changed. More details please find
> the attached.
I think you've been editing the wrong <Location> block, the one that's specific for the http access. According to the httpd.conf.err that you attached, I'm guessing that you need to edit another file, namely: conf/httpd-ssl.conf
Since your httpd.conf.err contains the following line:
There should be a similar Location block in httpd-ssl.conf. That's the one you need to work on. Also: I suppose in the end you need to disable plain http access (or limit it in some way). Otherwise it makes little sense to secure the https access. See Apache documentation for more information on how to do this...
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-31 12:24:40 CEST