[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: subversion + openldap

From: Dan Bahena <dan.bahena_at_optionmonster.com>
Date: 2007-08-17 18:11:01 CEST

Anybody that has experience doing this kind of setup?

Thanks!

On Thu, 2007-08-09 at 16:50 -0500, Dan Bahena wrote:
> Hi
>
> Here is my scenario:
>
> I need to configure subversion with openldap as the authentication
> server.
>
> I have the following:
>
> CentOS release 5 (Final) with kernel 2.6.18-8.1.8.el5
> openldap-2.3.27-5
> httpd-2.2.3-7.el5.centos
> subversion-1.4.4-0.1.el5.rf
>
> I'm using openldap with a self sign certificate.
>
> My subversion.conf file looks like this:
>
> -=--=-=-=-
> LoadModule dav_svn_module modules/mod_dav_svn.so
> LoadModule authz_svn_module modules/mod_authz_svn.so
>
> <Location /repos>
> DAV svn
> # Require SSL connection for password protection.
> SSLRequireSSL
>
>
> SVNPath /var/www/svn/repos
> AuthType Basic
> AuthName "Subversion repos"
> AuthLDAPURL ldaps://127.0.0.1:636/ou=People,dc=camhub,dc=com
> Require valid-user
> </Location>
> -=-=-=-=-=-
>
> At the beginning I configured svn to use a file that stored the user
> passwords created with htpasswd. All was working ok there.
>
> When I try do to a checkout, I get this message:
> [dan_at_danb tmp]$ svn co https://camhub.hostname.com/repos
> Error validating server certificate for
> 'https://camhub.hostname.com:443':
> - The certificate is not issued by a trusted authority. Use the
> fingerprint to validate the certificate manually!
> - The certificate hostname does not match.
> Certificate information:
> - Hostname: localhost.localdomain
> - Valid: from Jun 5 13:54:58 2007 GMT until Jun 4 13:54:58 2008 GMT
> - Issuer: SomeOrganizationalUnit, SomeOrganization, SomeCity,
> SomeState, --
> - Fingerprint:
> 87:eb:e1:c4:e3:c4:66:4c:e8:6a:24:3a:bb:24:4a:73:6d:76:5e:2e
> (R)eject, accept (t)emporarily or accept (p)ermanently? p
> Authentication realm: <https://camhub.hostname.com:443> Subversion repos
> Password for 'dan':
> Authentication realm: <https://camhub.hostname.com:443> Subversion repos
> Username: dan
> Password for 'dan':
> Authentication realm: <https://camhub.hostname.com:443> Subversion repos
> Username: svn
> Password for 'svn':
> svn: PROPFIND request failed on '/repos'
> svn: PROPFIND of '/repos': authorization failed
> (https://camhub.hostname.com)
>
> What am I missing? I've googled around for a long time, have tried
> different configurations/combinations and still have not get it to work.
> Any help?
>
> Thanks!

Received on Fri Aug 17 18:12:07 2007

This is an archived mail posted to the Subversion Users mailing list.