WG: Subversion Apache2.2 LDAPS authentication failed

From: Heimo Stieg <greenberet_at_corona-bytes.net>
Date: Mon, 28 Feb 2011 17:42:32 +0000

-----Ursprüngliche Nachricht-----
Von: 金健康 [mailto:jinjiankang1980_at_gmail.com]
Gesendet: Montag, 28. Februar 2011 09:34
An: Heimo Stieg
Betreff: Re: Subversion Apache2.2 LDAPS authentication failed

telnet master.ldap.ebupt.com 636 is OK.

2011/2/25 Heimo Stieg <greenberet_at_corona-bytes.net>:
> Hello,
>
> Check if the connection is possible from your machine to the ldap server with telnet.
>
> telnet master.ldap.ebupt.com 636
>
> If the connection works -> problem is inside the apache configuration
> If not -> check your firewalls.
>
>
> ________________________________________
> Von: 金健康 [jinjiankang1980_at_gmail.com]
> Gesendet: Freitag, 25. Februar 2011 07:53
> Bis: users_at_subversion.apache.org
> Betreff: Subversion Apache2.2 LDAPS authentication failed
>
> Hi,
>
> OS: Redhat Linux
> Subversion: 1.5.0
> Apache: 2.2.17
> OpenLDAP: 2.3.27
>
> httpd.conf:
> ...
> LDAPSharedCacheSize 200000
> LDAPCacheEntries 1024
> LDAPCacheTTL 600
> LDAPOpCacheEntries 1024
> LDAPOpCacheTTL 600
>
> <Location /svn>
> DAV svn
> SVNParentPath /home/svnroot/repository AuthzSVNAccessFile
> /home/svnroot/repository/svn_access_file
> AuthType Basic
> AuthBasicProvider ldap
> AuthzLDAPAuthoritative off
> AuthLDAPURL "ldaps://master.ldap.ebupt.com:636/OU=staff,DC=ebupt,DC=com?uid?sub?(objectClass=*)"
> SS
> L
> AuthName "Subversion.resository"
> Require valid-user
> </Location>
> ...
>
> Apache error_log:
>
> [Thu Feb 24 16:48:00 2011] [debug] mod_authnz_ldap.c(403): [client
> 10.1.85.181] [25242] auth_ldap a
> uthenticate: using URL
> ldaps://master.ldap.ebupt.com:636/OU=staff,DC=ebupt,DC=com?uid?sub?(ob
> jectCl
> ass=*)
> [Thu Feb 24 16:48:00 2011] [info] [client 10.1.85.181] [25242]
> auth_ldap authenticate: user jinjian kang authentication failed; URI
> /svn [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server]
>
> ping master.ldap.ebupt.com is OK.
>
> My FTP LDAPS authentication is OK as below:
> server:master.ldap.ebupt.com
> port:636 Enable
> SSL:checked
> Base DN:ou=staff,dc=ebupt,dc=com
> anonymous bind:checked
> Search Filter:(objectClass=*)
> User DN attribute:uid
> Search scope:subtree
>
> Thanks.
> Jin Jiankang
>
>
Received on 2011-02-28 19:04:51 CET

This message: [ Message body ]
Next message: James Ralston: "can "svnadmin dump" tolerate read-only repository access?"
Previous message: Andy Levy: "Re: Help with files changed outside of svn"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]