subversion + openldap

From: Dan Bahena <dan.bahena_at_optionmonster.com>
Date: 2007-08-09 23:50:54 CEST

Here is my scenario:

I need to configure subversion with openldap as the authentication
server.

I have the following:

CentOS release 5 (Final) with kernel 2.6.18-8.1.8.el5
openldap-2.3.27-5
httpd-2.2.3-7.el5.centos
subversion-1.4.4-0.1.el5.rf

I'm using openldap with a self sign certificate.

My subversion.conf file looks like this:

-=--=-=-=-
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<Location /repos>
DAV svn
# Require SSL connection for password protection.
SSLRequireSSL

       SVNPath /var/www/svn/repos
       AuthType Basic
       AuthName "Subversion repos"
       AuthLDAPURL ldaps://127.0.0.1:636/ou=People,dc=camhub,dc=com
       Require valid-user
</Location>
-=-=-=-=-=-

At the beginning I configured svn to use a file that stored the user
passwords created with htpasswd. All was working ok there.

When I try do to a checkout, I get this message:
[dan_at_danb tmp]$ svn co https://camhub.hostname.com/repos
Error validating server certificate for
'https://camhub.hostname.com:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
- The certificate hostname does not match.
Certificate information:
- Hostname: localhost.localdomain
- Valid: from Jun 5 13:54:58 2007 GMT until Jun 4 13:54:58 2008 GMT
- Issuer: SomeOrganizationalUnit, SomeOrganization, SomeCity,
SomeState, --
- Fingerprint:
87:eb:e1:c4:e3:c4:66:4c:e8:6a:24:3a:bb:24:4a:73:6d:76:5e:2e
(R)eject, accept (t)emporarily or accept (p)ermanently? p
Authentication realm: <https://camhub.hostname.com:443> Subversion repos
Password for 'dan':
Authentication realm: <https://camhub.hostname.com:443> Subversion repos
Username: dan
Password for 'dan':
Authentication realm: <https://camhub.hostname.com:443> Subversion repos
Username: svn
Password for 'svn':
svn: PROPFIND request failed on '/repos'
svn: PROPFIND of '/repos': authorization failed
(https://camhub.hostname.com)

What am I missing? I've googled around for a long time, have tried
different configurations/combinations and still have not get it to work.
Any help?

Thanks!

-- 
Dan Bahena <dan.bahena@optionmonster.com>
OptionMonster Holdings, Inc.

application/pgp-signature attachment: This is a digitally signed message part

Received on Thu Aug 9 23:50:22 2007

This message: [ Message body ]
Next message: Rainer Sokoll: "Re: send error messages back to the client in hook scripts.."
Previous message: aaron smith: "Re: send error messages back to the client in hook scripts.."
Next in thread: Dan Bahena: "Re: subversion + openldap"
Reply: Dan Bahena: "Re: subversion + openldap"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]