subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Fischer <kenneth.a.fisc...@gmail.com>
Subject Issues authenticating against SAMBA PDC
Date Thu, 15 May 2014 03:14:23 GMT
Hello all,

I'm in need of some help getting my subversion server to allow me to
domain authentication.  I have setup a CentOS 6.5 machine running
samba to act as my primary domain controller.  I then setup another
CentOS 6.5 machine to act as my subversion server, and using winbind I
was able to join that machine to the domain following this tutorial:

https://www.youtube.com/watch?v=c-vWAaocRU0

On the subversion server I am using Apache subversion with Apache 2.2.15.

Below is my subversion.conf script, which includes some commented out
previous attempts.  Basically what happens is that I go to a client
machine, navigate to /svn/svn/mytestproj in firefox, and attempt to
log in.  This works fine with basic authentication.  When I try to use
domain authentication I get the login prompt, I type in
TESTLAB\kfischer as my username and enter my password.  It seems to
reject this and immediately prompts me for the password again (no
warning or error message).  After three attempts I eventually get an
Authorization Required message.

Anyone have any ideas on what I am doing wrong?  Your help is greatly
appreciated!

Best regards,
Ken


####################START SCRIPT##################################
#Load Apache LDAP Modules
LoadModule ldap_module          modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

#Load Subversion Apache Modules
LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

#Load winbind module.... commented out now since this didn't work
#LoadModule auth_ntlm_winbind_module
/usr/lib/apache2/modules/mod_auth_ntlm_winbind.so


#Work around for authz and SVNListParentPath issue
RedirectMatch ^(/repos)$ $1/

#Enable Subversion Logging
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION

<Location /svn>
  DAV svn
  SVNParentPath /var/www/svn
  SVNListParentPath On
  SVNAutoversioning On
  AuthType Basic
  AuthName "TESTLAB"
  AuthBasicProvider ldap
  AuthzLDAPAuthoritative on
  AuthLDAPBindDN "CN=ldapbind,CN=Users,DC=TESTLAB,DC=LBTE"
  AuthLDAPBindPassword ldapbind!12
  AuthLDAPURL "ldap://testlab.lbte:3268/DC=TESTLAB,DC=LBTE?sAMAccountName?sub?(ObjectClass=*)"
  Require valid-user
</Location>

####  FAILED PREVIOUS ATTEMPTS
#<Location /svn>
#---trying to use mod_auth_ntlm_winbind
#  DAV svn
#  AuthName "TESTLAB.LBTE"
#  NTLMAuth on
#  NegotiateAuth on
#  NTLMAuthHelper "/usr/bin/ntlm_auth --domain=testlab.lbte
--helper-protocol=squid-2.5-ntlmssp"
#  NegotiateAuthHelper "/usr/bin/ntlm_auth --helper-protocol=gss-spnego"
#  NTLMBasicAuthoritative on
#  AuthType NTLM
#  AuthType Negotiate
#  require valid-usr
#  SVNParentPath /var/www/svn
#  SVNListParentPath on

#----attempt at LDAP----------------------------------------------------------
#  DAV svn
#  SVNParentPath /var/www/svn
#  SVNListParentPath on

#  order allow,deny
#  allow from all
#  Options Indexes
#  AuthzLDAPAuthoritative On

#  AuthName "TESTLAB.LBTE"
#  AuthType Basic
#  AuthBasicProvider ldap
#  AuthzLDAPAuthoritative On

#  AuthLDAPBindDN "CN=ldapbind,CN=linuxusers,DC=testlab,DC=lbte"
#  AuthLDAPBindPassword "ldapbind!12"

#  AuthLDAPURL "ldap://testlab.lbte:3268/DC=testlab,DC=lbte?sAMAccountName?sub?(objectClass=*)"
NONE
#  Require ldap-group CN=linuxusers,OU=Groups,DC=testlab,DC=lbte

#--BASIC CONFIGURATION---THIS DOES WORK I JUST HAVE IT DISABLED RIGHT
NOW----------------------------------

#  DAV svn
#  SVNParentPath /var/www/svn
#  AuthType Basic
#  AuthName "Subversion repositories"
#  AuthUserFile /etc/svn-auth-users
#  Require valid-user


#</Location>
################################################################################################

Mime
View raw message