[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Apache and Radius Authentication

From: David Heppenstall <David.Heppenstall_at_rci.rogers.com>
Date: 2006-03-21 19:43:35 CET

I'm posting this solution for the benefit of anyone
interested, as well to benefit future list archive
readers. :)

Many thanks to Joe Orton for pointing me in the right
direction.

The issue lies within the mod_auth_radius-2.0.c file
provided by FreeRadius.org. There is a "bug in
mod_auth_radius which causes spurious 404 errors."

On line #1194, you will find "return HTTP_NOT_FOUND;"
this is the culprit. Simply comment out lines 1192
through 1195. Recompile the module using apxs and
install it to the Apache modules directory.

Apache is now able to authenticate SVN clients using
RADIUS credentials.

 - Dave Heppenstall

> I'm having some problems serving Subversion repositories over
> Apache in conjunction with RADIUS authentication.
>
> I have followed the instructions in Chapter six of the SVN
> book and have managed to get this working no problem:
> <Location /svnbackdoor>
> DAV svn
> SVNParentPath /opt/svn
> </Location>
>
> In addition, I have added the FreeRadius mod_auth_radius
> module to Apache and have also managed to get this working:
> <Location /securetest>
> AuthType Basic
> AuthName "RADIUS authentication for no reason other than to
> annoy you."
> AuthAuthoritative off
> AuthRadiusAuthoritative on
> AuthRadiusCookieValid 5
> AuthRadiusActive On
> require valid-user
> </Location>
>
> I assumed that just by concatenating these two
> fully-functioning configurations that I would have a working
> RADIUS-Authenticated Subversion url: <Location /svn>
> DAV svn
> SVNParentPath /opt/svn
> AuthType Basic
> AuthName "RADIUS authentication."
> AuthAuthoritative off
> AuthRadiusAuthoritative on
> AuthRadiusCookieValid 5
> AuthRadiusActive On
> require valid-user
> </Location>
>
> As you can see, all I did was put the options together in the
> same <Location> directive. However, when I try to view the
> url in a web browser, I am presented with a 404 error after
> entering a correct username and password. In the CLI client,
> I get this:
> svn: PROPFIND request failed on '/'
> svn: PROPFIND of '/': 405 Method Not Allowed
> (http://<ip-removed>)

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Tue Mar 21 19:46:12 2006

This is an archived mail posted to the Subversion Users mailing list.