We have been using subversion 1.3.2, mod_auth_krb 5.3 and apache 2.0.49
on a Suse Enterprise Linux (SLES) 9 box quite happily until recently.
Our authentication was done to Active Directory running on Windows 2000
Servers, and was used to authenticate our entire (internal) web site,
including http access to subversion.
Recently (last weekend), the windows servers were 'upgraded' to 2003 Server.
The first thing that happened is that mod_auth)_krb authentication broke
totally. It seems that 2003 Server now cares about the kvno of the
Kerberos keys. A day of work finally isolated this, we found a working
set of Kerberos keytabs, and all seemed well.
However...
A few hours later, my users reported very slow access to subversion, at
least an order of magnitude slower. Sniffing the net traffic with
ethereal showed that all seemed well, there were requests for
pre-authentication coming from the windows server, but this seemed
normal. What is not normal is that each authentication is taking in the
order of milliseconds to complete, which totally bogs down any
subversion access to the repository via http.
Does anyone have a mod_auth_krb setup working against Windows 2003
Servers which works efficiently? We have had to resort to a second
authentication scheme (ldap) for subversion, which was another saga in
itself...
Tony Butt
CEA Technologies,
Canberra Australia
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Mar 28 04:22:12 2007