Home: :Contact Me

Tuesday, July 29, 2008

SVN with Apache + LDAP

We have been using CVS at work for long, though personally I am a big fan of SVN. Lately we thought to catch up with the SVN buzz and I was asked to have a Proof Of Concept before we officially move to SVN. Installation of SVN with Apache was pretty straightforward. Though LDAP integration was also simpler but at times it failed without any obvious reasons. Here are the steps for the entire process on Windows XP-

1. Install Apache 2.2.
2. Install SVN 1.5 by unzipping the distribution.
3. Add SVN\bin folder to PATH.
4. Copy mod_dav_svn.so to modules directory of Apache.
5. Add following line in Apache conf file-
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so

# Following are required for LDAP authentication
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so

6. Download [svnindex.css and svnindex.xsl] from http://svn.collab.net/repos/svn/trunk/tools/xslt/
and put them in 'htdocs' folder of Apache. This will do nice listing of SVN contents.

7. Add the repository location in http conf file, this will have LDAP auth as well

 #Location of repository
 <Location>
DAV svn

 SVNParentPath C:\svn
 SVNListParentPath on
 SVNIndexXSLT "/svnindex.xsl"

 AuthType Basic
 AuthBasicProvider ldap
 AuthzLDAPAuthoritative off
 AuthName "My SVN Setup"
 AuthLDAPURL ldap://host:3268/dc=X,dc=Y?sAMAccountName?sub?(objectClass=user) NONE
 AuthLDAPBindDN myUserID
 AuthLDAPBindPassword myPassword
 Require valid-user
 </Location>

7. Run 'httpd' command from Apache

VOILA! YOU ARE DONE

I gave it a try on Fedora 4 as well, which comes with Apache 2.2 and SVN 1.4 pre-installed. Only thing that was missing was there 'mod_dav_svn'. Getting that to with YUM is pretty simple, just do-
yum install mod_dav_svn

Here we were using Active Directory as our LDAP server. Initially I used the port 389 in the AUthLDAPURL shown above and it worked fine for first 2 weeks but after that it failed without any obvious reasons with this error message in Apache log files-
[ldap_search_ext_s() for user failed][Operations Error]

It made it to work for brief periods by re-starting the Apache. Re-starting is not an option in production. After googling for some time I found suggestions to use port 3268 instead of 389. More than 2 weeks has been passed since I switched to port 3268 and it is working fine till date :-)

My next step will be to convert some CVS repositories to SVN. Will update soon about the results of this conversion.

Bookmark to Delicous Digg it StumbleUpon Reddit Submit to Technorati Submit to DZone
 

Labels: , , ,

7 Comments:

Anonymous said...

Thanks man you saved me with that port fix

August 21, 2008 12:08 pm  
Anonymous said...

hi vinod

i am trying to provide ldap(opends 1.2) authentication for svn(1.4.3) through apache(2.2.9)
i am getting error
ldap_simple_bind_s() failed can't contact server.
what could be the problem

plz guide me
give me some sample ldif file and resp httpd.conf

Thanks in advance
visu

April 02, 2009 10:10 am  
Anonymous said...

Visu,

I integrated Apache with ActiveDirectory and whatever configuration mentioned in this entry is all I used. I have idea about OpenDS.

April 02, 2009 12:02 pm  
Vasiliy said...

Just thank you.

January 28, 2010 6:22 pm  
Anonymous said...

Hi Vinod,

Thank you so much. This issue was bugging me. The port change seems to have resolved the problem

September 15, 2010 8:19 pm  
Anonymous said...

Oh man! This really rocks! Thank you!
From Brazil

October 29, 2011 12:48 am  
Gay Sex Club Richmond Hill said...

Very nice blogg you have here

November 09, 2024 11:20 am  

Post a Comment

Subscribe to: Post Comments (Atom)