You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Andrew Arnott <an...@gmail.com> on 2005/06/22 22:31:42 UTC
LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Thanks for reading. I really enjoy using SVN and you developers are doing
great work. I just have a problem with LDAP authentication since upgrading
to your latest and greatest SVN 1.2, and hope you have seen the problem
before and can help me out.
I had an Apache 2.0.52 running under SVN 1.1.1, and my apache configuration
was using LDAP authentication so that anyone to access the repository had to
authenticate to the LDAP. It worked very nicely. When upgrading to SVN 1.2,
SVN warned me to upgrade to Apache 2.0.54, which I did. Then I installed SVN
1.2. Now every time I try to access the repository I get the authentication
box, but when I fill in my credentials and click OK, Apache crashes on the
server, and the client gets nothing. Nothing else has changed but the Apache
and SVN versions. Can you help?
Here is my relevant Apache configuration:
LoadModule ldap_module modules/util_ldap.so
LoadModule auth_ldap_module modules/mod_auth_ldap.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
<VirtualHost 128.187.130.114:80 <http://128.187.130.114:80>>
ServerAdmin AndrewArnott@byu.edu
DocumentRoot "c:/Subversion Repositories"
ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu>
<Location />
DAV svn
SVNPath "c:/Subversion Repositories/fhss"
AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
# try anonymous access first, resort to real
# authentication if necessary.
Satisfy Any
# how to authenticate a user
AuthType Basic
AuthName "Subversion repository"
# Of the two authentication modes below, the BYU LDAP is the
# best usually because it means each developer signs in with
# their own Route Y Net ID and password.
# Sometimes the BYU LDAP is down, and we must redirect
# authentication to our own devices. To swap modes, swap
# which line below is commented out.
AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
# AuthUserFile "C:/Subversion
Repositories/fhss-svn-auth-file-passwords-LDAPdown"
# The fhss-svn-auth-file worries about who gets what access
# require user ala55 atb32 dcp22
require valid-user
</Location>
</VirtualHost>
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Frank Gruman <fg...@verizon.net>.
Could you shut down Apache properly before? From what I read, the only
time you got the error was when you attempted to use the LDAP module.
Also - the error you report - the only thing I can recall/read about it
had something to do with PHP, and it was a while ago. I googled for it,
and found a couple of links, but nothing that could help. Sorry. If
you still have the old modules, that may be your best work-around for now.
Regards,
Frank
Andrew Arnott wrote:
> On 6/23/05, *Clint Stotesbery* <cstotes@hotmail.com
> <ma...@hotmail.com>> wrote:
>
> Same platform as you but I only had upgraded Apache to 2.0.54 and
> the ldap
> module would make Apache hang indefinately. I can't quite remember
> what I
> did to fix it. Can you shutdown Apache cleanly with the ldap modules
> LoadModule statements uncommented?
>
>
> With the LDAP modules uncommented? Yes. They are uncommented now, if
> I understand you correctly, and I can shutdown Apache just fine.
>
> ----Original Message Follows----
> From: Andrew Arnott < andrewarnott@gmail.com
> <ma...@gmail.com>>
> Reply-To: Andrew Arnott <andrewarnott@gmail.com
> <ma...@gmail.com>>
> To: users@subversion.tigris.org <ma...@subversion.tigris.org>
> Subject: RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
> Date: Wed, 22 Jun 2005 20:24:10 -0600
>
> Sorry. I was patting myself on the head for including the apache
> configuration, and neglected to even specify the platform. So here
> goes
> repentence... Thanks again for helping...
>
> It's Windows 2003 Server, and I upgraded to the Apache 2.0.54
> binary that is
> downloadable from Apache's web site. Subversion also was the
> Windows binary
> from Subversion's site.
>
> No, I did not recompile anything. SVN 1.2 came with
> mod_authz_svn.so and
> mod_dav_svn.so, which I copied into Apache's modules directory,
> over the SVN
> 1.1.1 versions that were there previously. For my last setup (with
> prior
> versions of SVN and Apache), this was all that was necessary.
>
> These are the logs that Apache gives right after a crash:
> access.log:
> 128.187.130.114 <http://128.187.130.114> <http://128.187.130.114>
> - - [22/Jun/2005:20:24:03 -0600]
> "GET / HTTP/1.1" 401 495
>
> error.log:
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft
> LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2
> SVN/1.2.0
> configured -- resuming normal operations
> [Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
> [Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft
> LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is
> running
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start
> mutex.
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250
> worker threads.
> [Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited
> with status
> 3221225477 -- Restarting.
>
>
> On 6/22/05, Frank Gruman < fgatwork@verizon.net
> <ma...@verizon.net>> wrote:
> >
> > Silly questions -
> >
> > Did you recompile the ldap modules with Apache?
> > If you look in the Apache error logs, what is being thrown in
> there?
> >
> > If you let us know the steps you took to 'upgrade' Apache and
> Subversion,
> > it will help.
> >
> > Regards,
> > Frank
> >
> > Andrew Arnott wrote:
> >
> > Thanks for reading. I really enjoy using SVN and you developers
> are doing
> > great work. I just have a problem with LDAP authentication since
> upgrading
> > to your latest and greatest SVN 1.2, and hope you have seen the
> problem
> > before and can help me out.
> >
> > I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> > configuration was using LDAP authentication so that anyone to
> access the
> > repository had to authenticate to the LDAP. It worked very
> nicely. When
> > upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54,
> which I
> > did. Then I installed SVN 1.2. Now every time I try to access the
> > repository I get the authentication box, but when I fill in my
> credentials
> > and click OK, Apache crashes on the server, and the client gets
> nothing.
> > Nothing else has changed but the Apache and SVN versions. Can
> you help?
> >
> > Here is my relevant Apache configuration:
> >
> > LoadModule ldap_module modules/util_ldap.so
> > LoadModule auth_ldap_module modules/mod_auth_ldap.so
> > LoadModule dav_module modules/mod_dav.so
> > LoadModule dav_svn_module modules/mod_dav_svn.so
> > LoadModule authz_svn_module modules/mod_authz_svn.so
> >
> > <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80>
> <http://128.187.130.114:80 <http://128.187.130.114:80>>>
> > ServerAdmin AndrewArnott@byu.edu <ma...@byu.edu>
> > DocumentRoot "c:/Subversion Repositories"
> > ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu>
> <http://fhsssvn.byu.edu>
> >
> > <Location />
> > DAV svn
> > SVNPath "c:/Subversion Repositories/fhss"
> > AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
> >
> > # try anonymous access first, resort to real
> > # authentication if necessary.
> > Satisfy Any
> >
> > # how to authenticate a user
> > AuthType Basic
> > AuthName "Subversion repository"
> >
> > # Of the two authentication modes below, the BYU LDAP is the
> > # best usually because it means each developer signs in with
> > # their own Route Y Net ID and password.
> > # Sometimes the BYU LDAP is down, and we must redirect
> > # authentication to our own devices. To swap modes, swap
> > # which line below is commented out.
> >
> > AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> <ldaps://ldap.byu.edu/ou=people,o=byu.edu>
> > # AuthUserFile "C:/Subversion
> > Repositories/fhss-svn-auth-file-passwords-LDAPdown"
> >
> > # The fhss-svn-auth-file worries about who gets what access
> > # require user ala55 atb32 dcp22
> > require valid-user
> > </Location>
> > </VirtualHost>
> >
> > --
> > Andrew Arnott
> > Web Developer
> > Brigham Young University
> > "Men stumble over the truth from time to time, but most pick
> themselves
> up
> > and hurry off as if nothing happened." -WC
> >
> >
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick
> themselves up
> and hurry off as if nothing happened." -WC
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick
> themselves up
> and hurry off as if nothing happened." -WC
>
>
>
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick
> themselves up and hurry off as if nothing happened." -WC
Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Clint Stotesbery <cs...@hotmail.com>.
I agree with what Rick said, just use older ldap modules. I'm pretty sure
that's what I did to fix it. That or I compiled the 2.0.54 ldap modules on
my own and used that instead but I'm pretty sure that didn't fix my issue.
-Clint
----Original Message Follows----
From: Andrew Arnott <an...@gmail.com>
Reply-To: Andrew Arnott <an...@gmail.com>
To: clint.stotesbery@computer.org
CC: users@subversion.tigris.org
Subject: Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Date: Thu, 23 Jun 2005 06:08:19 -0600
On 6/23/05, Clint Stotesbery <cs...@hotmail.com> wrote:
>
> Same platform as you but I only had upgraded Apache to 2.0.54 and the
ldap
> module would make Apache hang indefinately. I can't quite remember what I
> did to fix it. Can you shutdown Apache cleanly with the ldap modules
> LoadModule statements uncommented?
With the LDAP modules uncommented? Yes. They are uncommented now, if I
understand you correctly, and I can shutdown Apache just fine.
----Original Message Follows----
> From: Andrew Arnott <an...@gmail.com>
> Reply-To: Andrew Arnott <an...@gmail.com>
> To: users@subversion.tigris.org
> Subject: RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
> Date: Wed, 22 Jun 2005 20:24:10 -0600
>
> Sorry. I was patting myself on the head for including the apache
> configuration, and neglected to even specify the platform. So here goes
> repentence... Thanks again for helping...
>
> It's Windows 2003 Server, and I upgraded to the Apache 2.0.54 binary that
> is
> downloadable from Apache's web site. Subversion also was the Windows
> binary
> from Subversion's site.
>
> No, I did not recompile anything. SVN 1.2 came with mod_authz_svn.so and
> mod_dav_svn.so, which I copied into Apache's modules directory, over the
> SVN
> 1.1.1 versions that were there previously. For my last setup (with prior
> versions of SVN and Apache), this was all that was necessary.
>
> These are the logs that Apache gives right after a crash:
> access.log:
> 128.187.130.114 <http://128.187.130.114> <http://128.187.130.114> - -
> [22/Jun/2005:20:24:03 -0600]
> "GET / HTTP/1.1" 401 495
>
> error.log:
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2 SVN/1.2.0
> configured -- resuming normal operations
> [Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
> [Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is running
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start mutex.
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250 worker
> threads.
> [Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited with
> status
> 3221225477 -- Restarting.
>
>
> On 6/22/05, Frank Gruman <fg...@verizon.net> wrote:
> >
> > Silly questions -
> >
> > Did you recompile the ldap modules with Apache?
> > If you look in the Apache error logs, what is being thrown in there?
> >
> > If you let us know the steps you took to 'upgrade' Apache and
> Subversion,
> > it will help.
> >
> > Regards,
> > Frank
> >
> > Andrew Arnott wrote:
> >
> > Thanks for reading. I really enjoy using SVN and you developers are
> doing
> > great work. I just have a problem with LDAP authentication since
> upgrading
> > to your latest and greatest SVN 1.2, and hope you have seen the problem
> > before and can help me out.
> >
> > I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> > configuration was using LDAP authentication so that anyone to access
the
> > repository had to authenticate to the LDAP. It worked very nicely. When
> > upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54, which
I
> > did. Then I installed SVN 1.2. Now every time I try to access the
> > repository I get the authentication box, but when I fill in my
> credentials
> > and click OK, Apache crashes on the server, and the client gets
nothing.
> > Nothing else has changed but the Apache and SVN versions. Can you help?
> >
> > Here is my relevant Apache configuration:
> >
> > LoadModule ldap_module modules/util_ldap.so
> > LoadModule auth_ldap_module modules/mod_auth_ldap.so
> > LoadModule dav_module modules/mod_dav.so
> > LoadModule dav_svn_module modules/mod_dav_svn.so
> > LoadModule authz_svn_module modules/mod_authz_svn.so
> >
> > <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80> <
> http://128.187.130.114:80>>
> > ServerAdmin AndrewArnott@byu.edu
> > DocumentRoot "c:/Subversion Repositories"
> > ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu> <
> http://fhsssvn.byu.edu>
> >
> > <Location />
> > DAV svn
> > SVNPath "c:/Subversion Repositories/fhss"
> > AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
> >
> > # try anonymous access first, resort to real
> > # authentication if necessary.
> > Satisfy Any
> >
> > # how to authenticate a user
> > AuthType Basic
> > AuthName "Subversion repository"
> >
> > # Of the two authentication modes below, the BYU LDAP is the
> > # best usually because it means each developer signs in with
> > # their own Route Y Net ID and password.
> > # Sometimes the BYU LDAP is down, and we must redirect
> > # authentication to our own devices. To swap modes, swap
> > # which line below is commented out.
> >
> > AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> > # AuthUserFile "C:/Subversion
> > Repositories/fhss-svn-auth-file-passwords-LDAPdown"
> >
> > # The fhss-svn-auth-file worries about who gets what access
> > # require user ala55 atb32 dcp22
> > require valid-user
> > </Location>
> > </VirtualHost>
> >
> > --
> > Andrew Arnott
> > Web Developer
> > Brigham Young University
> > "Men stumble over the truth from time to time, but most pick themselves
> up
> > and hurry off as if nothing happened." -WC
> >
> >
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves
up
> and hurry off as if nothing happened." -WC
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves
up
> and hurry off as if nothing happened." -WC
>
>
>
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Andrew Arnott <an...@gmail.com>.
On 6/23/05, Clint Stotesbery <cs...@hotmail.com> wrote:
>
> Same platform as you but I only had upgraded Apache to 2.0.54 and the ldap
> module would make Apache hang indefinately. I can't quite remember what I
> did to fix it. Can you shutdown Apache cleanly with the ldap modules
> LoadModule statements uncommented?
With the LDAP modules uncommented? Yes. They are uncommented now, if I
understand you correctly, and I can shutdown Apache just fine.
----Original Message Follows----
> From: Andrew Arnott <an...@gmail.com>
> Reply-To: Andrew Arnott <an...@gmail.com>
> To: users@subversion.tigris.org
> Subject: RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
> Date: Wed, 22 Jun 2005 20:24:10 -0600
>
> Sorry. I was patting myself on the head for including the apache
> configuration, and neglected to even specify the platform. So here goes
> repentence... Thanks again for helping...
>
> It's Windows 2003 Server, and I upgraded to the Apache 2.0.54 binary that
> is
> downloadable from Apache's web site. Subversion also was the Windows
> binary
> from Subversion's site.
>
> No, I did not recompile anything. SVN 1.2 came with mod_authz_svn.so and
> mod_dav_svn.so, which I copied into Apache's modules directory, over the
> SVN
> 1.1.1 versions that were there previously. For my last setup (with prior
> versions of SVN and Apache), this was all that was necessary.
>
> These are the logs that Apache gives right after a crash:
> access.log:
> 128.187.130.114 <http://128.187.130.114> <http://128.187.130.114> - -
> [22/Jun/2005:20:24:03 -0600]
> "GET / HTTP/1.1" 401 495
>
> error.log:
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2 SVN/1.2.0
> configured -- resuming normal operations
> [Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
> [Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
> [Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is running
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start mutex.
> [Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250 worker
> threads.
> [Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited with
> status
> 3221225477 -- Restarting.
>
>
> On 6/22/05, Frank Gruman <fg...@verizon.net> wrote:
> >
> > Silly questions -
> >
> > Did you recompile the ldap modules with Apache?
> > If you look in the Apache error logs, what is being thrown in there?
> >
> > If you let us know the steps you took to 'upgrade' Apache and
> Subversion,
> > it will help.
> >
> > Regards,
> > Frank
> >
> > Andrew Arnott wrote:
> >
> > Thanks for reading. I really enjoy using SVN and you developers are
> doing
> > great work. I just have a problem with LDAP authentication since
> upgrading
> > to your latest and greatest SVN 1.2, and hope you have seen the problem
> > before and can help me out.
> >
> > I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> > configuration was using LDAP authentication so that anyone to access the
> > repository had to authenticate to the LDAP. It worked very nicely. When
> > upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54, which I
> > did. Then I installed SVN 1.2. Now every time I try to access the
> > repository I get the authentication box, but when I fill in my
> credentials
> > and click OK, Apache crashes on the server, and the client gets nothing.
> > Nothing else has changed but the Apache and SVN versions. Can you help?
> >
> > Here is my relevant Apache configuration:
> >
> > LoadModule ldap_module modules/util_ldap.so
> > LoadModule auth_ldap_module modules/mod_auth_ldap.so
> > LoadModule dav_module modules/mod_dav.so
> > LoadModule dav_svn_module modules/mod_dav_svn.so
> > LoadModule authz_svn_module modules/mod_authz_svn.so
> >
> > <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80> <
> http://128.187.130.114:80>>
> > ServerAdmin AndrewArnott@byu.edu
> > DocumentRoot "c:/Subversion Repositories"
> > ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu> <
> http://fhsssvn.byu.edu>
> >
> > <Location />
> > DAV svn
> > SVNPath "c:/Subversion Repositories/fhss"
> > AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
> >
> > # try anonymous access first, resort to real
> > # authentication if necessary.
> > Satisfy Any
> >
> > # how to authenticate a user
> > AuthType Basic
> > AuthName "Subversion repository"
> >
> > # Of the two authentication modes below, the BYU LDAP is the
> > # best usually because it means each developer signs in with
> > # their own Route Y Net ID and password.
> > # Sometimes the BYU LDAP is down, and we must redirect
> > # authentication to our own devices. To swap modes, swap
> > # which line below is commented out.
> >
> > AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> > # AuthUserFile "C:/Subversion
> > Repositories/fhss-svn-auth-file-passwords-LDAPdown"
> >
> > # The fhss-svn-auth-file worries about who gets what access
> > # require user ala55 atb32 dcp22
> > require valid-user
> > </Location>
> > </VirtualHost>
> >
> > --
> > Andrew Arnott
> > Web Developer
> > Brigham Young University
> > "Men stumble over the truth from time to time, but most pick themselves
> up
> > and hurry off as if nothing happened." -WC
> >
> >
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves up
> and hurry off as if nothing happened." -WC
>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves up
> and hurry off as if nothing happened." -WC
>
>
>
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Clint Stotesbery <cs...@hotmail.com>.
Same platform as you but I only had upgraded Apache to 2.0.54 and the ldap
module would make Apache hang indefinately. I can't quite remember what I
did to fix it. Can you shutdown Apache cleanly with the ldap modules
LoadModule statements uncommented?
----Original Message Follows----
From: Andrew Arnott <an...@gmail.com>
Reply-To: Andrew Arnott <an...@gmail.com>
To: users@subversion.tigris.org
Subject: RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Date: Wed, 22 Jun 2005 20:24:10 -0600
Sorry. I was patting myself on the head for including the apache
configuration, and neglected to even specify the platform. So here goes
repentence... Thanks again for helping...
It's Windows 2003 Server, and I upgraded to the Apache 2.0.54 binary that is
downloadable from Apache's web site. Subversion also was the Windows binary
from Subversion's site.
No, I did not recompile anything. SVN 1.2 came with mod_authz_svn.so and
mod_dav_svn.so, which I copied into Apache's modules directory, over the SVN
1.1.1 versions that were there previously. For my last setup (with prior
versions of SVN and Apache), this was all that was necessary.
These are the logs that Apache gives right after a crash:
access.log:
128.187.130.114 <http://128.187.130.114> - - [22/Jun/2005:20:24:03 -0600]
"GET / HTTP/1.1" 401 495
error.log:
[Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
[Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
[Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2 SVN/1.2.0
configured -- resuming normal operations
[Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
[Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
[Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
[Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is running
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start mutex.
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250 worker threads.
[Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited with status
3221225477 -- Restarting.
On 6/22/05, Frank Gruman <fg...@verizon.net> wrote:
>
> Silly questions -
>
> Did you recompile the ldap modules with Apache?
> If you look in the Apache error logs, what is being thrown in there?
>
> If you let us know the steps you took to 'upgrade' Apache and Subversion,
> it will help.
>
> Regards,
> Frank
>
> Andrew Arnott wrote:
>
> Thanks for reading. I really enjoy using SVN and you developers are doing
> great work. I just have a problem with LDAP authentication since
upgrading
> to your latest and greatest SVN 1.2, and hope you have seen the problem
> before and can help me out.
>
> I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> configuration was using LDAP authentication so that anyone to access the
> repository had to authenticate to the LDAP. It worked very nicely. When
> upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54, which I
> did. Then I installed SVN 1.2. Now every time I try to access the
> repository I get the authentication box, but when I fill in my
credentials
> and click OK, Apache crashes on the server, and the client gets nothing.
> Nothing else has changed but the Apache and SVN versions. Can you help?
>
> Here is my relevant Apache configuration:
>
> LoadModule ldap_module modules/util_ldap.so
> LoadModule auth_ldap_module modules/mod_auth_ldap.so
> LoadModule dav_module modules/mod_dav.so
> LoadModule dav_svn_module modules/mod_dav_svn.so
> LoadModule authz_svn_module modules/mod_authz_svn.so
>
> <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80>>
> ServerAdmin AndrewArnott@byu.edu
> DocumentRoot "c:/Subversion Repositories"
> ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu>
>
> <Location />
> DAV svn
> SVNPath "c:/Subversion Repositories/fhss"
> AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
>
> # try anonymous access first, resort to real
> # authentication if necessary.
> Satisfy Any
>
> # how to authenticate a user
> AuthType Basic
> AuthName "Subversion repository"
>
> # Of the two authentication modes below, the BYU LDAP is the
> # best usually because it means each developer signs in with
> # their own Route Y Net ID and password.
> # Sometimes the BYU LDAP is down, and we must redirect
> # authentication to our own devices. To swap modes, swap
> # which line below is commented out.
>
> AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> # AuthUserFile "C:/Subversion
> Repositories/fhss-svn-auth-file-passwords-LDAPdown"
>
> # The fhss-svn-auth-file worries about who gets what access
> # require user ala55 atb32 dcp22
> require valid-user
> </Location>
> </VirtualHost>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves
up
> and hurry off as if nothing happened." -WC
>
>
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Andrew Arnott <an...@gmail.com>.
Sorry. I was patting myself on the head for including the apache
configuration, and neglected to even specify the platform. So here goes
repentence... Thanks again for helping...
It's Windows 2003 Server, and I upgraded to the Apache 2.0.54 binary that is
downloadable from Apache's web site. Subversion also was the Windows binary
from Subversion's site.
No, I did not recompile anything. SVN 1.2 came with mod_authz_svn.so and
mod_dav_svn.so, which I copied into Apache's modules directory, over the SVN
1.1.1 versions that were there previously. For my last setup (with prior
versions of SVN and Apache), this was all that was necessary.
These are the logs that Apache gives right after a crash:
access.log:
128.187.130.114 <http://128.187.130.114> - - [22/Jun/2005:20:24:03 -0600]
"GET / HTTP/1.1" 401 495
error.log:
[Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
[Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
[Wed Jun 22 20:23:46 2005] [notice] Apache/2.0.54 (Win32) DAV/2 SVN/1.2.0
configured -- resuming normal operations
[Wed Jun 22 20:23:46 2005] [notice] Server built: Apr 16 2005 14:25:31
[Wed Jun 22 20:23:46 2005] [notice] Parent: Created child process 5296
[Wed Jun 22 20:23:46 2005] [notice] LDAP: Built with Microsoft LDAP SDK
[Wed Jun 22 20:23:46 2005] [notice] LDAP: SSL support available
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Child process is running
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Acquired the start mutex.
[Wed Jun 22 20:23:46 2005] [notice] Child 5296: Starting 250 worker threads.
[Wed Jun 22 20:24:10 2005] [notice] Parent: child process exited with status
3221225477 -- Restarting.
On 6/22/05, Frank Gruman <fg...@verizon.net> wrote:
>
> Silly questions -
>
> Did you recompile the ldap modules with Apache?
> If you look in the Apache error logs, what is being thrown in there?
>
> If you let us know the steps you took to 'upgrade' Apache and Subversion,
> it will help.
>
> Regards,
> Frank
>
> Andrew Arnott wrote:
>
> Thanks for reading. I really enjoy using SVN and you developers are doing
> great work. I just have a problem with LDAP authentication since upgrading
> to your latest and greatest SVN 1.2, and hope you have seen the problem
> before and can help me out.
>
> I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> configuration was using LDAP authentication so that anyone to access the
> repository had to authenticate to the LDAP. It worked very nicely. When
> upgrading to SVN 1.2, SVN warned me to upgrade to Apache 2.0.54, which I
> did. Then I installed SVN 1.2. Now every time I try to access the
> repository I get the authentication box, but when I fill in my credentials
> and click OK, Apache crashes on the server, and the client gets nothing.
> Nothing else has changed but the Apache and SVN versions. Can you help?
>
> Here is my relevant Apache configuration:
>
> LoadModule ldap_module modules/util_ldap.so
> LoadModule auth_ldap_module modules/mod_auth_ldap.so
> LoadModule dav_module modules/mod_dav.so
> LoadModule dav_svn_module modules/mod_dav_svn.so
> LoadModule authz_svn_module modules/mod_authz_svn.so
>
> <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80>>
> ServerAdmin AndrewArnott@byu.edu
> DocumentRoot "c:/Subversion Repositories"
> ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu>
>
> <Location />
> DAV svn
> SVNPath "c:/Subversion Repositories/fhss"
> AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
>
> # try anonymous access first, resort to real
> # authentication if necessary.
> Satisfy Any
>
> # how to authenticate a user
> AuthType Basic
> AuthName "Subversion repository"
>
> # Of the two authentication modes below, the BYU LDAP is the
> # best usually because it means each developer signs in with
> # their own Route Y Net ID and password.
> # Sometimes the BYU LDAP is down, and we must redirect
> # authentication to our own devices. To swap modes, swap
> # which line below is commented out.
>
> AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> # AuthUserFile "C:/Subversion
> Repositories/fhss-svn-auth-file-passwords-LDAPdown"
>
> # The fhss-svn-auth-file worries about who gets what access
> # require user ala55 atb32 dcp22
> require valid-user
> </Location>
> </VirtualHost>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick themselves up
> and hurry off as if nothing happened." -WC
>
>
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
--
Andrew Arnott
Web Developer
Brigham Young University
"Men stumble over the truth from time to time, but most pick themselves up
and hurry off as if nothing happened." -WC
Re: LDAP authentication broke after SVN upgrade 1.1.1 to 1.2
Posted by Frank Gruman <fg...@verizon.net>.
Silly questions -
Did you recompile the ldap modules with Apache?
If you look in the Apache error logs, what is being thrown in there?
If you let us know the steps you took to 'upgrade' Apache and
Subversion, it will help.
Regards,
Frank
Andrew Arnott wrote:
> Thanks for reading. I really enjoy using SVN and you developers are
> doing great work. I just have a problem with LDAP authentication
> since upgrading to your latest and greatest SVN 1.2, and hope you have
> seen the problem before and can help me out.
>
> I had an Apache 2.0.52 running under SVN 1.1.1, and my apache
> configuration was using LDAP authentication so that anyone to access
> the repository had to authenticate to the LDAP. It worked very
> nicely. When upgrading to SVN 1.2, SVN warned me to upgrade to Apache
> 2.0.54, which I did. Then I installed SVN 1.2. Now every time I try
> to access the repository I get the authentication box, but when I fill
> in my credentials and click OK, Apache crashes on the server, and the
> client gets nothing. Nothing else has changed but the Apache and SVN
> versions. Can you help?
>
> Here is my relevant Apache configuration:
>
> LoadModule ldap_module modules/util_ldap.so
> LoadModule auth_ldap_module modules/mod_auth_ldap.so
> LoadModule dav_module modules/mod_dav.so
> LoadModule dav_svn_module modules/mod_dav_svn.so
> LoadModule authz_svn_module modules/mod_authz_svn.so
>
> <VirtualHost 128.187.130.114:80 <http://128.187.130.114:80>>
> ServerAdmin AndrewArnott@byu.edu <ma...@byu.edu>
> DocumentRoot "c:/Subversion Repositories"
> ServerName fhsssvn.byu.edu <http://fhsssvn.byu.edu>
>
> <Location />
> DAV svn
> SVNPath "c:/Subversion Repositories/fhss"
> AuthzSVNAccessFile "c:/Subversion Repositories/fhss-svn-auth-file"
>
> # try anonymous access first, resort to real
> # authentication if necessary.
> Satisfy Any
>
> # how to authenticate a user
> AuthType Basic
> AuthName "Subversion repository"
>
> # Of the two authentication modes below, the BYU LDAP is the
> # best usually because it means each developer signs in with
> # their own Route Y Net ID and password.
> # Sometimes the BYU LDAP is down, and we must redirect
> # authentication to our own devices. To swap modes, swap
> # which line below is commented out.
>
> AuthLDAPUrl ldaps://ldap.byu.edu/ou=people,o=byu.edu
> # AuthUserFile "C:/Subversion
> Repositories/fhss-svn-auth-file-passwords-LDAPdown"
>
> # The fhss-svn-auth-file worries about who gets what access
> # require user ala55 atb32 dcp22
> require valid-user
> </Location>
> </VirtualHost>
>
> --
> Andrew Arnott
> Web Developer
> Brigham Young University
> "Men stumble over the truth from time to time, but most pick
> themselves up and hurry off as if nothing happened." -WC