Project

General

Profile

Actions
Copy link

Defect #8311

closed

Redmine SVN authentication failed fo LDAP-User

Added by Rahul Panwar over 13 years ago. Updated over 13 years ago.

Status:
Closed
Priority:
Urgent
Assignee:
Rahul Panwar
Category:
Accounts / authentication
Target version:
-
Start date:
2011-05-06
Due date:
% Done:

100%

Estimated time:
Resolution:
Fixed
Affected version:
1.1.3

Description

Hi,

After googling a lot and searching on Redmine forum, i am posting this isssue here, please provide me some solution if it is already solved.

I am using Redmine-1.1.3 version on CentOS 5.6 with apache and passenger module. I configured it with LDAP (ZIMBRA mail server) authentication and "on fly user creation". All the users of LDAP server can create their account and login to redmine. They can browse the svn repository of added projects as well.

But they can't create/delete/commit (write) on the svn repositry even they are the manager of that project. It always ask for authentication again and again till the error comes "svn: MKACTIVITY of '/svn/myproject/!svn/act/d53e6a78-d6bd-4f2f-b702-cb744dcf81b6': authorization failed (http://mydomain.com)".

Instead of this if the user is an internal user of Redmine, it can write on the project repository, if he/she is a manager.

I read on a [[http://www.jumpbox.com/node/1871]] while googling that it is not possible in redmine.
But i also read on a issue in redmine forum that it can work either for internal user or LDAP users, if it is true then please provide me some help to configure this one.

Please look at my configuration related to SVN & redmine:

#cat /etc/httpd/conf.d/subversion.conf

LoadModule dav_svn_module        /usr/lib/httpd/modules/mod_dav_svn.so
   PerlLoadModule Apache::Redmine
   PerlLoadModule  Authen::Simple::LDAP
   #PerlLoadModule  IO::Socket::SSL
   <Location /svn>
     DAV svn
     SVNParentPath "/opt/redmine/svn" 

     AuthType Basic
     AuthName redmine
     Require valid-user

     PerlAccessHandler Apache::Authn::Redmine::access_handler
     PerlAuthenHandler Apache::Authn::Redmine::authen_handler

     ## for mysql
     RedmineDSN "DBI:mysql:database=redmine;host=localhost" 

     RedmineDbUser "redmine" 
     RedmineDbPass "xxxxxx" 
     #Cache the last 50 auth entries
     RedmineCacheCredsMax 50
  </Location>

#cat /etc/httpd/conf.d/redmine.conf

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.7/ext/apache2/mod_passenger.so
   PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.7
   PassengerRuby /usr/bin/ruby

<VirtualHost *:80>
    DocumentRoot /opt/redmine/repo
    RailsEnv production
    RailsBaseURI /redmine
    <Directory "/opt/redmine/repo">
        Options Indexes FollowSymlinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

what change i can make to fulfill my requirement? Please support me, i already spent a lot of time in hit and trail....

Thanks & Regards
Rahul Panwar

Actions
Copy link
 #1

Updated by Rahul Panwar over 13 years ago

  • Assignee set to Rahul Panwar

Hi there,

After a lot of struggle, i solved this problem. It was my mistake that i am not using the proper Authen::Simple::LDAP module.

I also found the similar comments on issue list, but there is not an exact solution, what's wrong with Authen::Simple::LDAP. I want write mine may be it helps other.

I was doing it on CentOS and it is written very clearly on [[http://www.redmine.org/projects/redmine/wiki/Repositories_access_control_with_apache_mod_dav_svn_and_mod_perl]] (thanks to the writer :-)) that Authen::Simple::LDAP module can only be installed through CPAN no RPM is available for CentOS. And my mistake is i don't know any thing about CPAN ;-). I simply download the tar.gz file of Authen-Simple-LDAP from CPAN site and extract the file name LDAP.pm to /usr/lib/perl5/...../Authen/Simple/ directory and unfortunately my httpd also started successfully. But LDAP authentication for svn was not working.

Finally i found somewhere about perl module installation using CPAN, i installed it using following commands:

cpan> install Authen::Simple::LDAP

If it will failed to install means there may be some dependency prob which is not resolved by CPAN, like in my case i first installed

cpan> install Authen:Simple
cpan> install Authen:Simple::LDAP

It install Authen:Simple::LDAP properly and after restarting the httpd. I solved my problem.

Thanks for giving me the opportunity to learn ;-). I also add this command on wiki page please do not remove that.

Regards,
Rahul Panwar

Actions
Copy link
 #2

Updated by Rahul Panwar over 13 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Issue resolved.

Actions
Copy link
 #3

Updated by Jean-Baptiste Barth over 13 years ago

  • Category set to Accounts / authentication
  • Status changed from Resolved to Closed
  • Resolution set to Fixed

Thanks for the feedback, and sorry for not have been very responsive on your issue. Glad it works now !

Actions
Copy link

Also available in: Atom PDF