I'm presently utilizing an Apache front-end for my Subversion repository, to be able to do LDAP authentication.
My setup is rather vanilla, however I must have the ability to specify a "backup" LDAP URL, just in case the main the first is lower. I can not presently see a method to do that other then make use of a second location, or virtual host that points in the secondary LDAP server.
Although this would technically work, it's not an optimal solution. I'd like something that doesn't require customers to by hand choose the backup URL.
This really is presently Apache 2.2.3 on CentOS 5.
Sample entry from httpd.conf:
<VirtualHost *:80> ServerName svn.example.com ServerAlias svn.example.com svn <Location /erx> DAV svn SVNPath "/usr/local/svn/repos" Require valid-user AuthzSVNAccessFile "/usr/local/svn/conf/svnaccess.conf" AuthName "SVN Repository" AuthBasicProvider ldap AuthType Basic AuthzLDAPAuthoritative off AuthLDAPURL "ldap://ldapserver:389/searchstring" NONE AuthLDAPBindDN "bind" AuthLDAPBindPassword password </Location> </VirtualHost>
OpenLDAP utilizes a blank separated listing of servers. Presuming that mod_ldap is applying OpenLDAP, this might work:
In the event that does not work, try including two blank separated Web addresses:
Edit: mod_authnz_ldap appears to aid this formally.