I am able to access SVN with a blank Password. Where and how do I stop this?
Hello, Having seen many posts on this forum, I finally became a member to get my issue resolved.. We have a apache subversion server and tortoise svn client installed. Whenever I try to perform any actions on svn, it asks for UN and PWD, surprisingly its accepting blank passwords. How do i prevent this?? This is a very critical issue and many users are affected by this. I am not sure where we configure or do settings on server side.. Ldap is also integrated with this. and in httpd.conf file, I see everything is proper.. It should accept correct username and correct password.. and not blank.. Any help for this issue is much appreciated!! Eagerly awaiting your response.. -- Shruthi
Hi Shruthi, You need to enable authentication/authorization on the server side. The way you do it is dependent on how you run and access your SVN server (svnserve, ssh tunnel, http/https - WebDAV). Please look at the SVN book for more information: http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.serverconfig.svnserve.auth I hope this helps.
Hi Peter, Thanks a lot for the reply. We access svn through https://servername:portno/svn/foldername/ through tortoise client. It prompts for the username and pwd.. When we give username with no password, it enables us to access the folders.. If wrong pwd is supplied, it prompts back with a window again asking for username and pwd. I have already checked the httpd conf file since we access svn through https. everything seems to be correct. Below is the conf file.. Let me know in case if I'm missing anything..
AddExternalAuth ldap_auth "/usr/lib/httpd/modules/ldapauth.sh http://localhost:8080/project/servlet" SetExternalAuthMethod ldap_auth pipe
<Location /svnold> DAV svn AuthLDAPEnabled on SVNListParentPath on SVNAutoversioning on SVNReposName "svn repository" SVNParentPath /app/svn/svnint/svnrepositories AuthLDAPAuthoritative on AuthType Basic AuthName "Subversion" AuthLDAPBindDN "cn=sso-abc,l=amer,dc=abc,dc=com" AuthLDAPBindPassword password AuthLDAPURL "ldapurl:636/DC=abc,DC=com?mail?sub?(objectClass=inetorgperson)" Require valid-user AuthzSVNAccessFile /app/svn/svnint/file </Location>
<Location /svn> DAV svn SVNListParentPath on SVNAutoversioning on SVNReposName "svn repository" SVNParentPath /app/svn/svnint/svnrepositories AuthType Basic AuthName "Subversion" AuthExternal ldap_auth Require valid-user AuthzSVNAccessFile /app/svn/svnint/file </Location>
Hi Shruthi, Everything looks pretty much correct according to when I've used LDAP authentication in Apache in the past, the only difference between what I used and your config is I have the line "AuthBasicProvider ldap" in my configs, could you try putting that in, and restarting Apache?
HI James, Thanks for your reply.. I also would like to mention there is one more location tag.. I'm not sure for what this is used for.. Below is the one.. Can anyone please tell me, for what this is being used.. We have 2 servers.. one Dev and one Prod.. Dev doesnt have this below mentioned location directive.. It also doesnt have ADDEXTERNALAUTH directive.. Please let me know if u have any details.. Any help much appreciated..
DAV svn SVNListParentPath on SVNAutoversioning on SVNReposName "svn repository" SVNParentPath /app/svn/svnrepositories AuthType Basic AuthName "Subversion" AuthMySQLHost localhost AuthMySQLEnable On AuthMySQLUser root AuthMySQLPassword pwd AuthMySQLDB auth AuthMySQLUserTable clients AuthMySQLNameField username AuthMySQLPasswordField password AuthMySQLNoPasswd On AuthMySQLPwEncryption none require valid-user AuthzSVNAccessFile /app/file Thanks, Shruthi
Hi Shruthi, It looks like this second location tag is pointing to repositories stored at /app/svn/svnrepositories (instead of /app/svn/svnint/svnrepositories that /svn points to), it's also using MySQL authentication instead of LDAP authentication.
1-6 of 6
Reply to this discussion
You cannot edit posts or make replies: You should be logged in before you can post.