[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Access to subversion via Pound/SSL+Apache/DAV (add'l info)

From: Michael Wood <mwood_at_its.uct.ac.za>
Date: 2003-08-27 10:12:29 CEST

On Tue, Aug 26, 2003 at 01:11:03PM -0500, Jason Vasquez wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 26 Aug 2003, Ben Collins-Sussman wrote:
> > > ServerAlias, etc.) -- unfortunately, that doesn't really apply here, since
> > > the URI scheme (not just the hostname) is different.
> >
> > Can you be more specific? Give more context? Point to discussion threads?
>
> In this particular scenario, the web server that the client sees is
> accessible via https. In fact, this is a reverse/transparent/etc proxy,
> that is funneling request back to an actual Apache server that is NOT
> running ssl. The COPY command from the client is supplying a Destination
> header of https://.../ (which the proxy does not modify). Apache/DAV/SVN
> is expecting to see a Destination in the form of http://.../. It appears
> to be bombing since the schemes differ (although the rest of the URL path
> will be the same)

This is a bug in your reverse proxy. It should be rewriting the https
to http in the header.

> I see several possible solutions here:
>
> 1. Do something in the svn client to have a special case to specify a
> Destination "root" for particular hosts
>
> 2. Have the proxy modify the Destination header before passing it back
> to the backend server.
[snip]

This is the right solution.

-- 
Michael Wood <mwood@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Aug 27 10:13:20 2003

This is an archived mail posted to the Subversion Users mailing list.