Hi,
Gerard Weatherby wrote:
> We've used server version 1.6 with svnserve on an existing project and it works great. (All teams members are inside firewall)
>
> We have a new project with outside collaborations and some not open source code, so we set up https:// Mod Dav using apache2 and pwauth for validation -- we have other resources and prefer using the same authentication for all for simplicity.
>
> It "works" but the performance makes it nearly unusable. Monitoring the server using the top linux utility indicates many, many invocations of "pwauth" for a single client request. The next thing I was going to try was to install an sssd daemon on the server, but I wanted to ask if there was anything else I was missing.
> [...]
> LoadModule authnz_external_module modules/mod_authnz_external.so
> DefineExternalAuth pwauth pipe /usr/bin/pwauth
>
> <LocationMatch "/(mediawiki|repos|developer)/">
>
> # Require SSL connection for password protection.
> SSLRequireSSL
>
> AuthType Basic
> AuthName "realm name"
> AuthBasicProvider external
> AuthExternal pwauth
> require valid-user
>
> </LocationMatch>
The many invocations are expected with DefineExternalAuth. Svn uses many http connections for a single operations. Maybe you would like to choose one of the more integrated authentication methods available with Apache httpd. As you would like to retain pwauth, mod_auth_pam comes to mind.
Andreas
Received on 2015-10-09 17:02:47 CEST