On 2/25/14, 12:03 PM, Johannes Michler wrote: > Well but by looking into my logfiles I see that my server is indeed sending > HTTP-401. Is this the problem?
I don't think there's really anything that a 1.8 client can or should do different here. The server is saying "give me authn credentials" and the client is trying to ask for them. The same problem exists for a 1.7 client, it's just that we don't walk up into trees that you're not expecting so you're not seeing this sort of loop (and currently mod_dav_svn returns errors rather than 401's for secondary paths). Looking at the source for mod_authnz_ldap it appears to return a 401 if the group check fails. You've got two basic options here. 1) Patch mod_authnz_ldap so that it returns HTTP_FORBIDDEN. Note that this may cause problems with other configurations that aren't using LDAP this way. 2) Write a custom authz hook that always returns HTTP_FORBIDDEN that hooks after the ldap module. Configure your custom module to be turned on for your location. Then set 'AuthzLDAPAuthoritative off', meaning that the ldap module will DECLINE and the final module should handle this. I'm off to lunch but when I get back I can probably write a quick authz module that does the second bit for you.