Comments on: LDAP Authentication for Subversion on Ubuntu Feisty

By: A successful story after a long try | Micro Thoughts

A successful story after a long try | Micro Thoughts — Wed, 21 Oct 2009 07:11:28 +0000

[...] Kurt Wolf’s LDAP Authentication for Subversion on Ubuntu Feisty [...]

By: Confluence: Subversion

Confluence: Subversion — Mon, 12 May 2008 02:34:49 +0000

Bare Metal Installation…

Table of contents 1/9/2008 15:06 Hi Dan, svndev is up and running. It’s got ubuntu 6.06 LTS running. I haven’t done much for configuration. Here’s what’s there: hostname: svndev.control4.com IP: 10.11.11…….

By: Kurt Wolf

Kurt Wolf — Thu, 10 Jan 2008 01:36:29 +0000

Scott, great tip! This URL will give you more information regarding these commands.

http://www.debian-administration.org/articles/207

By: Scott Frazer

Scott Frazer — Wed, 09 Jan 2008 20:22:32 +0000

Just as an FYI:

Instead of creating the module links by hand, you can use a2enmod:

sudo a2enmod dav_svn

will automatically create the appropriate *.load and *.conf links into mods-enabled

a2ensite does the same thing with sites-available, and a2dismod and a2dissite will turn them off.

By: Kurt

Kurt — Sat, 10 Nov 2007 04:45:02 +0000

The only problem I see with all of this is the ldap:// URL Doesn’t that mean that you are sending AD usernames and passwords over the network in plain text? And ldaps:// would be secure (assuming AD is configured properly)?

By: rallat

rallat — Wed, 05 Sep 2007 13:17:12 +0000

Thanks, You help me a lot. All good only to say:

1-the chowm parameter is -R
2-I used another LDAPURL i think this depend on how you make your schema on ldap.
3-you can make your repository where you want, but you have to give permissions to www-data (apache user)
4- Great template design for the blog
5-thanks thanks and more thanks

By: Tom Hallam

Tom Hallam — Wed, 05 Sep 2007 04:13:55 +0000

From the mod_authnz_ldap man page:

“Other Require values may also be used which may require loading additional authorization modules. Note that if you use a Require value from another authorization module [eg require valid-user], you will need to ensure that AuthzLDAPAuthoritative is set to off to allow the authorization phase to fall back to the module providing the alternate Require value.”

So if you dont have to set AuthzLDAPAuthoritative! It’s only needed because you use “require valid-user”

By: randomnoise» Blog Archive » Ubuntu server setup: LAMP+LDAP+SVN+Trac+MoinMoin

Sun, 02 Sep 2007 13:06:27 +0000

[...] Kind of okay notes on installation w/LDAP [...]

By: Arthur

Arthur — Thu, 02 Aug 2007 06:48:21 +0000

About the require valid-user directive and AuthzLDAPAuthoritative, this was a real pain for me aswell. The documentation (http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html) states that require valid-user “requires that mod_authz_user be loaded and that the AuthzLDAPAuthoritative directive be set to off.” Notice the last part of the last sentence. I’m not sure why that is, but my guess is that Apache needs to authorize the user after he/she has been authenticated through LDAP. Another option is to use require ldap-user which does not require you to set AuthzLDAPAuthoritative to off.

By: xyb

xyb — Sat, 28 Jul 2007 08:13:13 +0000

On my Ubuntu 7.04 apache-22.0.55-4ubuntu4 subversion 1.4.3dfsg1-1ubuntu1, these two links needed:

$ sudo ln -s /etc/apache2/mods-available/ldap.load /etc/apache2/mods-enabled/

$ sudo ln -s /etc/apache2/mods-available/authnz_ldap.load /etc/apache2/mods-enabled/