Re: Unable to access our SVN server using SVN 1.8 client

On 2/25/14, 12:03 PM, Johannes Michler wrote:
> Well but by looking into my logfiles I see that my server is indeed sending
> HTTP-401. Is this the problem?

I don't think there's really anything that a 1.8 client can or should do
different here. The server is saying "give me authn credentials" and the
client is trying to ask for them. The same problem exists for a 1.7 client,
it's just that we don't walk up into trees that you're not expecting so you're
not seeing this sort of loop (and currently mod_dav_svn returns errors rather
than 401's for secondary paths).

Looking at the source for mod_authnz_ldap it appears to return a 401 if the
group check fails.

You've got two basic options here.

1) Patch mod_authnz_ldap so that it returns HTTP_FORBIDDEN. Note that this may
cause problems with other configurations that aren't using LDAP this way.

2) Write a custom authz hook that always returns HTTP_FORBIDDEN that hooks
after the ldap module. Configure your custom module to be turned on for your
location. Then set 'AuthzLDAPAuthoritative off', meaning that the ldap module
will DECLINE and the final module should handle this.

I'm off to lunch but when I get back I can probably write a quick authz module
that does the second bit for you.
Received on 2014-02-25 21:53:32 CET