Apache+Kerberos+SVN works with IE repo browser, but not Chrome or TSVN ???
Hello, Please help... I am able to use IE 11 to browse by apache+SVN+kerberos repo. Kerberos works fine. No login required. However when I try to use Chrome or TSVN to browse the repo, I can only get the content of the root repo ( https://myserver.com/cm_repo1). If I try to drill down into the projects of the repo (https://myserver.com/cm_repo1/testproj), it returns authorization denied. See apache log below. I installed Subversion 1.8.14 Apache 2.4.17 mod_auth_kerb-5.4 DAV svn SVNPath /data/cm_repo1 AuthzSVNAccessFile /usr/local/scm/apache2.4.17kerb/conf/accessControl.conf AuthName "Kerberos Auth" AuthType Kerberos KrbMethodNegotiate On KrbVerifyKDC On KrbMethodK5Passwd On KrbAuthRealms CAMPUS.COM Krb5KeyTab /usr/local/scm/apache2.4.17kerb/conf/jirasso4.keytab KrbServiceName HTTP/itest.campus@campus.com KrbLocalUserMapping On 133.16.84.222 - sandym [16/Dec/2015:15:13:21 -0500] "OPTIONS /cm_repo1HTTP/1.1" 200 188 133.16.84.222 - sandym [16/Dec/2015:15:13:21 -0500] "PROPFIND/cm_repo1/!svn/rvr/2245 HTTP/1.1" 207 326 133.16.84.222 - sandym [16/Dec/2015:15:13:21 -0500] "PROPFIND/cm_repo1/!svn/rvr/2245 HTTP/1.1" 207 1281 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS/cm_repo1/visitor_PRODUCTION HTTP/1.1" 401 381 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS/cm_repo1/cdb_PRODUCTION HTTP/1.1" 401 381 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS /cm_repo1/cdbHTTP/1.1" 401 381 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS /cm_repo1/shibssoHTTP/1.1" 401 381 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS /cm_repo1/cdb_TESTHTTP/1.1" 401 381 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS /cm_repo1/testprojHTTP/1.1" 401 38
Re: Apache+Kerberos+SVN works with IE repo browser, but not Chrome or TSVN ???
z_svn/mod_authz_svn.c(439): [client 133.5.86.222:55666] Path to authz file is /usr/local/scm/apache2.4.17kerb/conf/accessControl.conf, referer: https://itest04.vexor.com:7100/cm_repo1/ [Fri Dec 18 14:20:46.261438 2015] [authz_svn:info] [pid 44368] [client 133.5.86.222:55666] Access granted: 'smandy' GET cm_repo1:/testproj/myfile, referer: https://itest04.vexor.com:7100/cm_repo1/ MY BUILD Fri Dec 18 13:57:33.757795 2015] [ssl:info] [pid 44292] AH01876: mod_ssl/2.4.17 compiled against Server: Apache/2.4.17, Library: OpenSSL/1.0.2a [Fri Dec 18 13:57:33.759275 2015] [mpm_prefork:notice] [pid 44292] AH00163: Apache/2.4.17 (Unix) mod_auth_kerb/5.4 OpenSSL/1.0.2a SVN/1.8.15 configured -- resuming normal operations [Fri Dec 18 13:57:33.759296 2015] [mpm_prefork:info] [pid 44292] AH00164: Server built: Dec 17 2015 14:22:22 On Fri, Dec 18, 2015 at 12:15 PM, Philip Martin wrote: > ken edward writes: > > > I installed > > Subversion 1.8.14 > > Apache 2.4.17 > > mod_auth_kerb-5.4 > > > 133.16.84.222 - - [16/Dec/2015:15:13:21 -0500] "OPTIONS > > /cm_repo1/testprojHTTP/1.1" > > 401 38 > > 1.8.14 has a bug that affects 3rd party authn modules such as > mod_auth_kerb and mod_auth_ldap. This bug causes Apache to return 401 > responses without a WWW-Authenticate header and this means clients do > not attempt to authenticate. 1.8.15 as a fix for this bug. > > -- > Philip Martin > WANdisco >
configure: error: failed to recognize APR_INT64_T_FMT on this platform
Does anyone have an idea how to fixthis error: ./configure --with-sqlite=/u01/tomcat/scm/sqlite-autoconf --with-apxs=/u01/tomcat/scm/apache2.4.39kerb/bin/apxs --prefix=/u01/tomcat/scm/subversion --enable-javah l --with-jdk=/u01/weblogic/java/jdk1.8.0_201 --with-zlib=/u01/tomcat/scm/zlib-1.2.11 --with-apr-util=/u01/tomcat/scm/apr-util-1.6.1/bin/apu-1-config --with-apr=/u01/tomcat/scm/apr-1.7.0/bin/apr-1-con fig --with-lz4=internal --with-utf8proc=internal CPPFLAGS=-DHAVE configure: Configuring python swig binding checking for Python includes... -I/usr/include/python2.7 checking for compiling Python extensions... gcc -pthread -fPIC checking for linking Python extensions... gcc -pthread -shared -Wl,-z,relro checking for linking Python libraries... -Wl,-z,relro checking for apr_int64_t Python/C API format string... configure: error: failed to recognize APR_INT64_T_FMT on this platform
Upgraded to SVN 12 and now receiving very odd results via mod dav svn.
Hello, I am configured as below: Apache/2.4.39 (Unix) OpenSSL/1.0.2r SVN/1.12.0 mod_auth_gssapi/1.6.1 mod_dav_svn configured Apache+SVN comes up clean, no errors. I pointed the httpd.conf repo locations and access control files to the legacy 1.8 repo's and get varying results. Some of the repo's display normally, but many just show the header and revision number, but everything else is blank (shows nothing in the project, but there is). I tried reloading the 1.8 repos into clean 1.12 repo's, but same issue. Zero errors in the log file. If I try to view the repo via the browser or tortise SVN I just see: camd_repo1 - Revision 451: / [should see content here, but is empty] ANY IDEAS? Ken
Is support officially over for subversion 1.9?
Hello, As I read the SVN LTS policy, it states that support ends 4 years after the initial release. Since Subversion 1.9 was released on Aug 5, 2015, does that now mean subversion 1.9 will not longer receive security patches (now that it is Aug 6th)? Thank you, Ed
