On Fri, 2008-12-05 at 13:29 -0600, Alec Kloss wrote:
> On 2008-12-05 10:55, Craig McQueen wrote:
> > Hello all,
> >
> > The following doc says that a Windows Apache server can be set up to
> > authenticate against both Windows SSPI and a password file:
> > http://tortoisesvn.net/docs/nightly/TortoiseSVN_en/help-onepage.html#tsvn-serversetup-apache-6
> >
> > I'm trying to get this working on a Windows Apache 2.2 server, but
> > without success. SSPI works on its own, and the password file works on
> > its own. But if I try to use both together, as described, then
> > authenticating against the SSPI works but authenticating against the
> > password file fails.
> >
> > I'm wondering: does this solution simply not work on Apache 2.2.x due to
> > changes to the authentication/authorization setup in Apache 2.2.x?
> >
> > I'm interested to know if anyone else has tried this on Apache 2.2.x,
> > and if you ended in success or failure.
>
> I've never been able to make Apache 2.2 authenticate against multiple
> auth modules at the same time without patching mod_auth_basic and
> usually the other authentication module as well.
>
> I'd be very curious to know how people get this to work without patching
> apache.
>
> --
> Alec.Kloss_at_oracle.com Oracle Middleware
> PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x432B9956
>
> ------------------------------------------------------
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=980286
>
> To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
I've successfully implemented multiple authentication sources, but I
believe the current limitation (until Apache 2.3/2.4 is released) is
that they must all be of the same type (AuthType Basic or AuthType
SSPI). In my case, I was able to do basic authentication with a file
and LDAP.
But I thought it would still be possible. I found a sample config here
-
http://osdir.com/ml/version-control.subversion.ankhsvn.general/2006-04/msg00037.html
<Location /svn/>
DAV svn
SVNParentPath "/srv/svn/my_projects"
AuthName "Subversion Repositories"
Require valid-user #this is all authenticated users on
domain
AuthAuthoritative Off #enables multiple authorities
AuthType SSPI
SSPIAuth On
SSPIAuthoritative Off
#SSPIAuthoritative On - Forces only SSPI auth, skips passwd
file
SSPIOmitDomain On
SSPIDomain MY_AD_DOMAIN
SSPIOfferBasic On
AuthType Basic
AuthUserFile "/srv/svn/auth/basic_users"
AuthzSVNAccessFile "/srv/svn/auth/svn_users"
</Location>
Regards,
Frank
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=980424
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2008-12-08 23:23:27 CET