Date: Tue, 30 Nov 2010 14:10:21 +0100
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To: freebsd-questions@FreeBSD.ORG
Subject: subversion authentication via SASL2 using a OpenLDAP backend
Message-ID: <4CF4F7BD.6050701@zedat.fu-berlin.de>
Hello.

I am trying to authenticate users of our subversion repository via sasl2
against a running OpenLDAP backend (all services running on FreeBSD
8.2-PRE/8.1 and 7.3).

After setting up a config file /usr/local/etc/sasl2/svn.conf containing the
following:

    pwcheck_method: auxprop
    auxprop_plugin: ldap
    ldapdb_uri: ldap://ldap.host
    ldapdb_mech: PLAIN DIGEST-MD5 ANONYMOUS EXTERNAL CRAM-MD5 OTP
    #ldapdb_rc: /usr/local/etc/sasl2/ldaprc
    ldapdb_startls: yes
    log_level: 7

and a proper olcAuthzRegexp in the cn=config container of OpenLDAP like

    uid=([^,]*),cn=realm,cn=plain,cn=auth
    uid=$1,ou=users,dc=domain,dc=foo

I never see any attempt of subversion connecting to the OpenLDAP server via
sasl2. I cannot even prove whether my setups in the LDAP are correct or
not, since the subversion attempt to authenticate seems to run into nowhere.

After several tries of importing something (I assume having set up properly
svnserv.conf and authz in the subversion repos for this specific case) I
receive this message on the console:

    svn: Authentication error from server: SASL(-13): user not found: no secret in database
    svn: Your commit message was left in a temporary file:

Besides, I already installed the port /usr/ports/security/cyrus-sasl2-ldapdb
but it does not help.

Can anybody give a hint or tip?

Thanks in advance,
Oliver
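An offline check of the olcAuthzRegexp rule quoted in the message, added here as an example and not part of the original e-mail: it builds the authentication DNs slapd derives from a SASL bind (uid=<user>[,cn=<realm>],cn=<mechanism>,cn=auth) and shows which of them the rule maps to an entry under ou=users. The function names and the user "alice" are assumptions made for illustration, and Python's re module stands in for slapd's POSIX regex matching.

```python
import re

# Rule exactly as quoted in the message (match pattern, replacement).
# "realm" and "plain" are taken literally, as written there.
MATCH = r"uid=([^,]*),cn=realm,cn=plain,cn=auth"
REPLACE = "uid=$1,ou=users,dc=domain,dc=foo"


def sasl_authc_dn(user, mech, realm=None):
    """Authentication DN for a SASL bind; the realm RDN is omitted if unset."""
    parts = ["uid=" + user]
    if realm:
        parts.append("cn=" + realm)
    parts += ["cn=" + mech.lower(), "cn=auth"]
    return ",".join(parts)


def apply_authz_regexp(dn, match=MATCH, replace=REPLACE):
    """Return the mapped DN, or None when the rule does not apply.

    Approximation: unanchored, case-insensitive search with Python's re
    in place of slapd's own matching on normalized DNs.
    """
    m = re.search(match, dn, flags=re.IGNORECASE)
    if m is None:
        return None
    # Expand $1..$9 in the replacement with the captured groups.
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replace)


def check_cases(user="alice"):
    """Map constructed sample binds (mechanism, realm) through the rule."""
    cases = [("PLAIN", "realm"), ("PLAIN", None),
             ("DIGEST-MD5", "realm"), ("PLAIN", "svn.example")]
    return {(mech, realm): apply_authz_regexp(sasl_authc_dn(user, mech, realm))
            for mech, realm in cases}


if __name__ == "__main__":
    for (mech, realm), mapped in check_cases().items():
        print(f"{mech:<11} realm={realm!s:<12} -> {mapped or 'no match'}")
```

A bind whose DN comes back as "no match" is never rewritten to an entry under ou=users, so the directory lookup for that identity finds no user.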