LDAP and DAV with AuthnProviderAlias not working

Question

I have a working apache 2.4 config for ldap with svn

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ...
    <Location /ldapsvn>
            DAV svn
            SVNParentPath /var/ldapsvn
            SVNAdvertiseV2Protocol Off

            SVNListParentPath Off
            SVNAutoversioning On
            SVNReposName "repo name"

            AuthType Basic
            AuthName "My auth"

            AuthBasicProvider ldap
            AuthLDAPURL "ldap://ldapserver:port/DC=abc-de,DC=si?userPrincipalName?sub?(objectClass=*)"
            AuthLDAPBindDN "CN=ldapp,OU=System;OU=Users;OU=XYZ;DC=xyz1;DC=abc-de;DC=si"
            AuthLDAPBindPassword "[[hunter2]]"

            Require valid-user
    </location>

but if I include the ldap settings as an alias, then the authentication stops working

<AuthnProviderAlias ldap ldapAlias1>
   AuthLDAPURL "ldap://ldapserver:port/DC=abc-de,DC=si?userPrincipalName?sub?(objectClass=*)"
   AuthLDAPBindDN "CN=ldapp,OU=System;OU=Users;OU=XYZ;DC=xyz1;DC=abc-de;DC=si"
   AuthLDAPBindPassword "[[hunter2]]"
</AuthnProviderAlias>

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ...
    <Location /ldapsvn>
            DAV svn
            SVNParentPath /var/ldapsvn
            SVNAdvertiseV2Protocol Off

            SVNListParentPath Off
            SVNAutoversioning On
            SVNReposName "repo name"

            AuthType Basic
            AuthName "My auth"

            AuthBasicProvider ldapAlias1

            Require valid-user
    </location>

I will eventually have to add a second ldap server, but I tried with a single one to test the config.

Any help would be appreciated.

when I try to login the ssl_error.log says: `[auth_basic:error] [pid 28457] [client 1.2.3.4:1234] AH01618: user username@domain.com not found: /ldapsvn/ods` , but the setting work if I don't use the `AuthnProviderAlias` — zidarsk8, Sep 30 '13 at 11:34
`authn_alias_module` is not available in apache 2.4 the functionality is now in `mod_authz_core` which I have enabled. Also if I didn't have that, the apache would fail to start but it doesn't show any errors at all. — zidarsk8, Oct 01 '13 at 20:03

score 1 · Accepted Answer · answered Nov 19 '13 at 15:43

1

I think this has been reported as a bug. Add you info here: https://issues.apache.org/bugzilla/show_bug.cgi?id=55622

answered Nov 19 '13 at 15:43

Jarle Jacobsen

66
3

LDAP and DAV with AuthnProviderAlias not working

1 Answers1