Hi all,
We use Apache as a front-end to a Subversion repository on Linux. We're using SSL, with basic authentication backed by LDAP against a Windows Server 2008 domain controller.
Every so often, we get a 500 Internal Server Error when trying to write to the SVN repository. The following message appears in ssl_error_log:
[crit] [client X.X.X.X] configuration error:
couldn't check access. No groups file?: /svn/!svn/bln/401
I'm aware that this is a common error caused by missing modules and/or broken authentication configurations. However, our authentication IS working -- but only about 80% of the time. I've looked around for other log files that might have more detailed information, but can't find anything.
Any suggestions on how I might troubleshoot this further? I really have no idea where to start.
Relevant SSL/SVN configuration:
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule ssl_module modules/mod_ssl.so
<Location /svn>
DAV svn
SVNPath /data/svnroot
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "<censored>"
AuthLDAPURL "<censored>" NONE
AuthLDAPBindDN "<censored>"
AuthLDAPBindPassword <censored>
<Limit GET PROPFIND OPTIONS REPORT>
require valid-user
</Limit>
<LimitExcept GET PROPFIND OPTIONS REPORT>
require ldap-attribute memberOf="<censored>"
</LimitExcept>
</Location>
System specifications:
RHEL 5.7 x86_64, 2.6.18-238.12.1.el5 SMP
Apache 2.2.3 (RPM 2.2.3-53.el5)
Windows domain controller = Windows Server 2008 SP2
Many thanks in advance!
DN.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|