I've Redmine setup with an Apache server (RHEL 6.1). I in addition have a subversion server running at
/var/svn. I've the correct LDAP authentication for my subversion set up, then when someone accesses the subversion repository (either via command line: svn checkout/update/commit, or through http://myserver.com/svn/project), it prompts for any account information that authenticates from the LDAP server.
However: When browsing the project's page in Redmine, I begin to see the "Repository" tab appear (also it links towards the proper address: http://myserver.com/svn/project). However when I navigate for this tab, it shows "404 The entry or revision wasn't based in the repository". I've got a feeling the 404 is originating from Redmine the inability to authenticate against LDAP. So my question is how you can allow Redmine into that directory, but everybody else must be authenticated against LDAP?
I've determined my problem and emerged having a quite simple solution. My assumption was correct - because Redmine did not understand how to handle the LDAP request, it put a 404.
Below may be the proper Apache configuration to permit Redmine (or any service running on a single server) with the authentication process:
<Location /svn> # The following two lines allow for any request made by this machine through # We do this to allow Redmine to have access without needing to authenticate against LDAP # NOTE: The IP address MUST be the one given by DHCP - the loop-back (127.0.0.1) will NOT WORK Order allow,deny Allow from ACTUAL_IP_ADDRESS (example: 22.214.171.124) # The following authenticates against LDAP for any request NOT made by the same server # This includes anyone attempting to access: # http://myserver.com/svn/* # either via web-browser, or svn command # # Tell apache this is a subversion repository DAV svn # Where the subversion repository list exists on the file system SVNParentPath "/var/svn" # What kind of authentication AuthType Basic AuthName "Restricted Subversion Content" AuthBasicProvider ldap AuthLDAPBindDN "YOUR_BIND_DN" AuthLDAPBindPassword "YOUR_BIND_PASSWORD" AuthLDAPURL "YOUR_LDAP_URL" # Require a valid-LDAP user (if not from the allowed IP address) Require valid-user # This line (very important) tells Apache that the request needs to follow AT LEAST # one of the following: # - The request is from the IP address listed above # - All others MUST authenticate using LDaP # If we wanted BOTH to be required (not in our case), we would use "Satisfy All" Satisfy Any
I really hope this can help another person searching for an identical solution!