Hi, I am having a problem with Subversion+LDAP: I have a repository with approximately a million files. The subversion client sends every file a HTTP request to the Apache server. I am using LDAP authentication for Apache+Subversion. mod_ldap caches some searches, but it still does one LDAP request per HTTP request to authenticate the user. The LDAP server I am using does not allow too many requests in a short timeframe, and returns "Administrative Limit Exceeded" LDAP errors when receiving too many requests. Apache mod_ldap treats Administrative Limit Exceeded errors as errors, does not retry, and deliver a 500 Internal Server Error to the svn client. The svn client treats a 500 Internal Server Error as an error, and rolls-back the whole action (commit). Practically, it´s impossible with this setup to commit a larger amount of files at once, the commit never works.
I already asked the LDAP server admins to change from returning 500 to making a delay and returning a valid LDAP response instead. I already asked Apache mod_ldap to improve caching the authentication responses. Now my suggestion for Subversion client is to add functionality be able to automatically retry (after a few seconds and only a few times) a request in case it received a 500 HTTP error. It would be good if it is possible to set options for how often to retry, and/or how often to wait. For the subversion server / apache (I don´t know exactly which module does what in this code-path), I think it is perhaps an idea to map the LDAP "Administrative Limit exceeded" to a temporary error, which can be better detected by a client and be retried by the client. Best regards, Philipp Gühring
