Monday, November 13, 2006

Linux: Fixing authentication in Apache 2, after doing an upgrade

This is the second post on upgrading my Debian box to testing. Obviously everything was b0rken, even authentication mechanisms put in place for Apache2. Apache2 is using the local LDAP server for authenticating users on a subversion repository. Apparently, the people of Apache did some "refactoring" on the naming of their authentication modules. They renamed auth_ldap to authnz_ldap. Enabling this module instead of the outdated on, did not do the trick. I got the following error instead:

[Thu Nov 02 19:07:26 2006] [crit] [client] configuration error: couldn't check user. No user file?: /svn/configs/!svn/act/ed8028d3-8254-bd4c-bc94-c3b93f8b97bb
[Thu Nov 02 19:07:44 2006] [crit] [client] configuration error: couldn't check user. No user file?: /svn/configs/!svn/act/b2296e68-a114-8e49-aea6-bebfe78947bf
[Thu Nov 02 19:14:57 2006] [notice] caught SIGTERM, shutting down

I did some more reading and found this presentation very useful: TH21 - Using LDAP Authentication in Apache 2.2.ppt (I want to post a link, but the site seems down)
After updating my config, authentication started working again. Here it is:

<Location /svn/configs/>
<LimitExcept GET PROPFIND OPTIONS REPORT>
AuthType Basic
AuthName "svn"
AuthBasicProvider ldap
AuthLDAPURL ldap://localhost:389/ou=Users,dc=MyDomain?uid
AuthzLDAPAuthoritative off
require valid-user
</LimitExcept>
</Location>

That wasn't that bad ... was it ;)

2 comments:

zappa said...

Nice new 'skin'
;-)

zappa

zappa said...

Nice new 'skin'
;-)

zappa