Question about Basic Authentication
Hello, System Configuration: Windows Server 2003 Apache Subversion 1.7.6 TortoiseSVN 1.7.9 HTTP Server 2.2.22 I am trying to configure Subversion with Basic Authentication but the error log indicates the user cannot be found which tells me the passwd file is not being seen. In this example the top level directory of the Repository is C:\svnrepos\test1. IP has been masked for security purposes. Should the passwd file reside elsewhere? Perhaps relative to the ServerRoot? LoadModules: - The "mod_auth_basic.so" load module is enabled in httpd.conf LoadModule auth_basic_module modules/mod_auth_basic.so Fragment of httpd.conf directive (it references full path to the passwd file...) DAV svn SVNParentPath c:/svnrepos AuthType Basic AuthName "Subversion repositories" AuthUserFile C:/svnrepos/test1/conf/passwd Require valid-user Fragment from access log: xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS /svn/test1 HTTP/1.1" 401 401 xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS /svn/test1 HTTP/1.1" 401 401 Fragment from error log: Thu Sep 06 15:30:48 2012] [error] [client xxx..xx.x.xx] user jimmy not found: /svn/test1 URL from within the TortoiseSVN GUI (on the local machine): http:///svn/test1 David Anastasio Jacobs Technology
RE: Question about Basic Authentication
[Note: please post in plain text if at all possible!] > -Original Message- > From: Anastasio, David M CTR USAF AFMC AFLCMC/HNID > [mailto:david.anastasio@hanscom.af.mil] > Sent: 06 September 2012 16:26 > To: users@subversion.apache.org > Subject: Question about Basic Authentication > > Hello, > > System Configuration: > > Windows Server 2003 > Apache Subversion 1.7.6 > TortoiseSVN 1.7.9 > HTTP Server 2.2.22 > > I am trying to configure Subversion with Basic Authentication > but the error log indicates the user cannot be found which > tells me the passwd file is not being seen. > > In this example the top level directory of the Repository is > C:\svnrepos\test1. > > IP has been masked for security purposes. > > Should the passwd file reside elsewhere? Perhaps relative to > the ServerRoot? > > LoadModules: - The "mod_auth_basic.so" load module is > enabled in httpd.conf > > LoadModule auth_basic_module modules/mod_auth_basic.so Just in case... Something that caught me when I started with apache is that the `require valid_user` directive is provided by `mod_authz_user` and I had disabled that as I thought I wasn't using it with basic etc. It took quite a bit of to-ing and fro-ing through the apache docs [1] before I got it right... [1] http://httpd.apache.org/docs/2.2/mod/mod_authz_user.html ~ mark c > Fragment of httpd.conf directive (it references > full path to the passwd file...) > > > DAV svn > SVNParentPath c:/svnrepos > AuthType Basic > AuthName "Subversion repositories" > AuthUserFile C:/svnrepos/test1/conf/passwd > Require valid-user > > > Fragment from access log: > > xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS > /svn/test1 HTTP/1.1" 401 401 > > xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS > /svn/test1 HTTP/1.1" 401 401 > > Fragment from error log: > > Thu Sep 06 15:30:48 2012] [error] [client xxx..xx.x.xx] user > jimmy not found: /svn/test1 > > URL from within the TortoiseSVN GUI (on the local machine): > > http:///svn/test1 > > David Anastasio > Jacobs Technology
RE: Question about Basic Authentication
The mod_authz_user shared object was already enabled in my configuration. Still looking for an answer. Thanks -Original Message- From: Cooke, Mark [mailto:mark.co...@siemens.com] Sent: Thursday, September 06, 2012 11:44 AM To: Anastasio, David M CTR USAF AFMC AFLCMC/HNID; users@subversion.apache.org Subject: RE: Question about Basic Authentication [Note: please post in plain text if at all possible!] > -Original Message- > From: Anastasio, David M CTR USAF AFMC AFLCMC/HNID > [mailto:david.anastasio@hanscom.af.mil] > Sent: 06 September 2012 16:26 > To: users@subversion.apache.org > Subject: Question about Basic Authentication > > Hello, > > System Configuration: > > Windows Server 2003 > Apache Subversion 1.7.6 > TortoiseSVN 1.7.9 > HTTP Server 2.2.22 > > I am trying to configure Subversion with Basic Authentication > but the error log indicates the user cannot be found which > tells me the passwd file is not being seen. > > In this example the top level directory of the Repository is > C:\svnrepos\test1. > > IP has been masked for security purposes. > > Should the passwd file reside elsewhere? Perhaps relative to > the ServerRoot? > > LoadModules: - The "mod_auth_basic.so" load module is > enabled in httpd.conf > > LoadModule auth_basic_module modules/mod_auth_basic.so Just in case... Something that caught me when I started with apache is that the `require valid_user` directive is provided by `mod_authz_user` and I had disabled that as I thought I wasn't using it with basic etc. It took quite a bit of to-ing and fro-ing through the apache docs [1] before I got it right... [1] http://httpd.apache.org/docs/2.2/mod/mod_authz_user.html ~ mark c > Fragment of httpd.conf directive (it references > full path to the passwd file...) > > > DAV svn > SVNParentPath c:/svnrepos > AuthType Basic > AuthName "Subversion repositories" > AuthUserFile C:/svnrepos/test1/conf/passwd > Require valid-user > > > Fragment from access log: > > xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS > /svn/test1 HTTP/1.1" 401 401 > > xxx..xx.x.xx - "" [06/Sep/2012:15:38:37 +0100] "OPTIONS > /svn/test1 HTTP/1.1" 401 401 > > Fragment from error log: > > Thu Sep 06 15:30:48 2012] [error] [client xxx..xx.x.xx] user > jimmy not found: /svn/test1 > > URL from within the TortoiseSVN GUI (on the local machine): > > http:///svn/test1 > > David Anastasio > Jacobs Technology smime.p7s Description: S/MIME cryptographic signature
Re: Question about Basic Authentication
"Anastasio, David M CTR USAF AFMC AFLCMC/HNID" writes: > The mod_authz_user shared object was already enabled in my configuration. > Still looking for an answer. >> SVNParentPath c:/svnrepos >> AuthType Basic >> AuthName "Subversion repositories" >> AuthUserFile C:/svnrepos/test1/conf/passwd It looks like you are using the standard location for the svnserve password file as the location for the Apache password file. I suspect you are trying to use as svnserve password file which has the wrong format for Apache; you need to use a file created using htpasswd. You are using a single password file for all repositories in /svnrepos but you have chosen to put that single file inside the /svnrepos/test1 repository. That can work but is a bit odd. -- Philip
RE: Question about Basic Authentication
Yes, I think that is exactly the problem here. I will try to create the password file with htpasswd. Does Apache suggest where the password file should reside? Is it restricted to a certain location? I couldn't find this in the documentation. Thank you. Dave -Original Message- From: MARTIN PHILIP [mailto:codematt...@ntlworld.com] On Behalf Of Philip Martin Sent: Thursday, September 06, 2012 2:02 PM To: Anastasio, David M CTR USAF AFMC AFLCMC/HNID Cc: users@subversion.apache.org Subject: Re: Question about Basic Authentication "Anastasio, David M CTR USAF AFMC AFLCMC/HNID" writes: > The mod_authz_user shared object was already enabled in my configuration. > Still looking for an answer. >> SVNParentPath c:/svnrepos >> AuthType Basic >> AuthName "Subversion repositories" >> AuthUserFile C:/svnrepos/test1/conf/passwd It looks like you are using the standard location for the svnserve password file as the location for the Apache password file. I suspect you are trying to use as svnserve password file which has the wrong format for Apache; you need to use a file created using htpasswd. You are using a single password file for all repositories in /svnrepos but you have chosen to put that single file inside the /svnrepos/test1 repository. That can work but is a bit odd. -- Philip smime.p7s Description: S/MIME cryptographic signature
Re: Question about Basic Authentication
On 9/6/2012 11:08 AM, Anastasio, David M CTR USAF AFMC AFLCMC/HNID wrote: Yes, I think that is exactly the problem here. I will try to create the password file with htpasswd. Does Apache suggest where the password file should reside? Is it restricted to a certain location? I couldn't find this in the documentation. Thank you. Dave There is no standard password file location, as AuthUserFile is specified directly in the block in your httpd.conf. Under Linux I put the password file in /etc with the rest of the system password files. The essential requirement is that the file *not* be visible from outside the server, i.e. don't put it into your repository directory or another directory under your DocumentRoot. Unfortunately, I have seen this happen - "hey, what's in http://server.name/passwd.txt";? It wasn't a Subversion repository that time (and worse yet, the passwords were plaintext), but password file location is a trap for the unwary. I've never set up Apache under Windows, so I can't suggest a "good" location. Maybe the directory in which httpd.conf is stored? -- David Chapman dcchap...@acm.org Chapman Consulting -- San Jose, CA Software Development Done Right. www.chapman-consulting-sj.com
RE: Question about Basic Authentication
Hello I am trying to create a repository without a lot of junk that exists with the source. Namely 2 files and two folders. The import command doesn't seem to allow exclusion, at least not in the book. These exclusions also need to be applied to all users so a directory property is required. But the directory property is not allowed if a working copy does not exist. This project contains 44 modules in separate directories. So the best way I can figure out how to do this is edit the config file, import the project, set the svn:ignore property on each of the 44 directories and I'm done. In which case every time I add a module I must remember to repeat setting the svn:ignore. Note: the documentation says the config file accepts whitespace delimited "ignores" while the svn:ignore accepts new-line separated "ignores". I hope that is an error since I do not know if I can type a new line at my command prompt. Very tedious, unless, of course, there is a better way. JM
Re: Question about Basic Authentication
Guten Tag John Maher, am Donnerstag, 6. September 2012 um 21:52 schrieben Sie: > Very tedious, unless, of course, there is a better way. You really should start a new thread and maybe ask a question. Mit freundlichen Grüßen, Thorsten Schöning -- Thorsten Schöning E-Mail:thorsten.schoen...@am-soft.de AM-SoFT IT-Systeme http://www.AM-SoFT.de/ Telefon.030-2 1001-310 Fax...05151- 9468- 88 Mobil..0178-8 9468- 04 AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow
RE: Question about Basic Authentication
Thank you, David I did come across another thread with an example that places the password file under the 'conf' sub-directory alongside the http.conf file; so your suggestion is a good one. I also noticed in the same thread that the password file is actually called "svn-password.pass" as opposed to "passwd" which may account for the problems I've had with authentication. On Windows, one must run the htpasswd.exe file from the DOS command line. Thanks, Dave -Original Message- From: David Chapman [mailto:dcchap...@acm.org] Sent: Thursday, September 06, 2012 2:39 PM To: Anastasio, David M CTR USAF AFMC AFLCMC/HNID Cc: users@subversion.apache.org Subject: Re: Question about Basic Authentication On 9/6/2012 11:08 AM, Anastasio, David M CTR USAF AFMC AFLCMC/HNID wrote: > Yes, I think that is exactly the problem here. > I will try to create the password file with htpasswd. > Does Apache suggest where the password file should reside? > Is it restricted to a certain location? I couldn't find this in the > documentation. > Thank you. > Dave > There is no standard password file location, as AuthUserFile is specified directly in the block in your httpd.conf. Under Linux I put the password file in /etc with the rest of the system password files. The essential requirement is that the file *not* be visible from outside the server, i.e. don't put it into your repository directory or another directory under your DocumentRoot. Unfortunately, I have seen this happen - "hey, what's in http://server.name/passwd.txt";? It wasn't a Subversion repository that time (and worse yet, the passwords were plaintext), but password file location is a trap for the unwary. I've never set up Apache under Windows, so I can't suggest a "good" location. Maybe the directory in which httpd.conf is stored? -- David Chapman dcchap...@acm.org Chapman Consulting -- San Jose, CA Software Development Done Right. www.chapman-consulting-sj.com smime.p7s Description: S/MIME cryptographic signature
