2008/08/21

The joys of Apache webserver and modules

I've been fighting an issue with Apache 2.2.8 on Ubuntu 8.04.1 (Codename Hardy Heron) to get my Subversion repository to authenticate over LDAP for work. We had previously set it up on Apache 2.0 on Gentoo. It was a week long battle, but we got it working. I figured that since we figured it out on there it should be a pretty straight forward approach this time around. Yeah, that was wishful thinking!

Doing the standard Google searches I came across the step by step guides of how to configure it (most were building from scratch). With the beauty of apt-get I had everything I needed in no time at all (Seriously wish there was a Windows alternative to that...). I created the repository for Subversion, configured Apache and Subversion to start up automatically, and added in the Subversion modules to Apache (which threw me off as it was a link in /etc/apache2/mods-enabled to /etc/apache2/mods-available). Restart Apache and everything still worked so it was time to configure a location for the repository. So following the standard layout I found on every other Google search I set it to the following:

<Location /repos>
DAV svn
SVNPath /path/to/repository
AuthType Basic
AuthLDAPEnabled on
AuthLDAPAuthoritative on

Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all

AuthName "Subversion Repository"
AuthLDAPBindDN "cn=Subversion User,dc=domain,dc=com"
AuthLDAPBindPassword UserPassword
AuthLDAPUrl "ldap://domain.com:389/dc=domain,dc=com?sAMAccountName?sub?(objectclass=user)"

Require valid-user
</Location>


I go to restart and I get a marvelous error message of:

Invalid command 'AuthLDAPEnabled', perhaps misspelled or defined by a module not  included in the server configuration


It wasn't until some repetitive googling later that I came across this amazing post that provided some insite:

http://www.linuxforums.org/forum/servers/124011-apache-ldap-authentication.html

With a little ingenuity, I figured out the correct set up for us was this:


<Location /repos>
DAV svn
SVNPath /path/to/repository
AuthBasicProvider ldap
AuthType Basic
# AuthLDAPEnabled on
AuthzLDAPAuthoritative on

Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all

AuthName "Subversion Repository"
AuthLDAPBindDN "cn=Subversion User,dc=domain,dc=com"
AuthLDAPBindPassword UserPassword
AuthLDAPUrl "ldap://domain.com:389/dc=domain,dc=com?sAMAccountName?sub?(objectclass=user)"

Require valid-user
</Location>


Now to actually continue on with why I had to set up another Subversion server...