Hello all,
I'm in need of some help getting my subversion server to allow me to
domain authentication. I have setup a CentOS 6.5 machine running
samba to act as my primary domain controller. I then setup another
CentOS 6.5 machine to act as my subversion server, and using winbind I
was able to join that machine to the domain following this tutorial:
https://www.youtube.com/watch?v=c-vWAaocRU0
On the subversion server I am using Apache subversion with Apache 2.2.15.
Below is my subversion.conf script, which includes some commented out
previous attempts. Basically what happens is that I go to a client
machine, navigate to /svn/svn/mytestproj in firefox, and attempt to
log in. This works fine with basic authentication. When I try to use
domain authentication I get the login prompt, I type in
TESTLAB\kfischer as my username and enter my password. It seems to
reject this and immediately prompts me for the password again (no
warning or error message). After three attempts I eventually get an
Authorization Required message.
Anyone have any ideas on what I am doing wrong? Your help is greatly
appreciated!
Best regards,
Ken
####################START SCRIPT##################################
#Load Apache LDAP Modules
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#Load Subversion Apache Modules
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
#Load winbind module.... commented out now since this didn't work
#LoadModule auth_ntlm_winbind_module
/usr/lib/apache2/modules/mod_auth_ntlm_winbind.so
#Work around for authz and SVNListParentPath issue
RedirectMatch ^(/repos)$ $1/
#Enable Subversion Logging
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
<Location /svn>
DAV svn
SVNParentPath /var/www/svn
SVNListParentPath On
SVNAutoversioning On
AuthType Basic
AuthName "TESTLAB"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPBindDN "CN=ldapbind,CN=Users,DC=TESTLAB,DC=LBTE"
AuthLDAPBindPassword ldapbind!12
AuthLDAPURL "ldap://testlab.lbte:3268/DC=TESTLAB,DC=LBTE?sAMAccountName?sub?(ObjectClass=*)"
Require valid-user
</Location>
#### FAILED PREVIOUS ATTEMPTS
#<Location /svn>
#---trying to use mod_auth_ntlm_winbind
# DAV svn
# AuthName "TESTLAB.LBTE"
# NTLMAuth on
# NegotiateAuth on
# NTLMAuthHelper "/usr/bin/ntlm_auth --domain=testlab.lbte
--helper-protocol=squid-2.5-ntlmssp"
# NegotiateAuthHelper "/usr/bin/ntlm_auth --helper-protocol=gss-spnego"
# NTLMBasicAuthoritative on
# AuthType NTLM
# AuthType Negotiate
# require valid-usr
# SVNParentPath /var/www/svn
# SVNListParentPath on
#----attempt at LDAP----------------------------------------------------------
# DAV svn
# SVNParentPath /var/www/svn
# SVNListParentPath on
# order allow,deny
# allow from all
# Options Indexes
# AuthzLDAPAuthoritative On
# AuthName "TESTLAB.LBTE"
# AuthType Basic
# AuthBasicProvider ldap
# AuthzLDAPAuthoritative On
# AuthLDAPBindDN "CN=ldapbind,CN=linuxusers,DC=testlab,DC=lbte"
# AuthLDAPBindPassword "ldapbind!12"
# AuthLDAPURL "ldap://testlab.lbte:3268/DC=testlab,DC=lbte?sAMAccountName?sub?(objectClass=*)"
NONE
# Require ldap-group CN=linuxusers,OU=Groups,DC=testlab,DC=lbte
#--BASIC CONFIGURATION---THIS DOES WORK I JUST HAVE IT DISABLED RIGHT
NOW----------------------------------
# DAV svn
# SVNParentPath /var/www/svn
# AuthType Basic
# AuthName "Subversion repositories"
# AuthUserFile /etc/svn-auth-users
# Require valid-user
#</Location>
################################################################################################
Received on 2014-05-17 01:00:17 CEST