My Environment
- Apache 2.2
- Windows Server 2008 R2 (I also had the same problem with Windows 7)
- Tortoise SVN 1.8.7 Subversion 1.8.9
I have this SVN Server using Apache for authentication with Active Directory using authz_svn_module and its dependencies(mod_dav_svn.so, etc.). The authentication part works fine normally, but if I leave the field User Name empty, it generates a 500 Internal Server Error.
The problem happens either if I try to log from a web browser or if I try to perform an svn checkout.
It does not generate an entry in the Apache logs/error.log file, but it leaves an entry in the logs/access.log file:
x.x.x.x - "" [12/Aug/2014:11:00:10 -0300] "GET /svn/ HTTP/1.1" 500 550
as opposed to when I type an invalid user/password:
x.x.x.x - invalidu1 [12/Aug/2014:10:11:03 -0300] "GET /svn/ HTTP/1.1" 401 401
I also noticed that the 500 error comes from my AD server instead of from 127.0.0.1. There is a Linux server performing authentication for its SVN server against the same AD server and it does not have this problem.
Is this a known bug? If not, is there a way that I can validate empty username fields before they go for authentication?
My httpd.conf SVN entry looks like this:
DAV svn
SVNPath G:/mypath/to/svn/
SVNIndexXSLT "/svnindex.xsl"
AuthType Basic
AuthBasicProvider ldap file
AuthzSVNAccessFile G:\svn\svn_projects_permissions
# The name of the protected area or "realm"
AuthName "SVN Projects"
# Active Directory requires an authenticating DN to access records
AuthLDAPBindDN "CN=a,OU=b,OU=c,OU=d,DC=e,DC=f,DC=com"
# This is the password for the AuthLDAPBindDN user in Active Directory
AuthLDAPBindPassword "abcdefgijkl"
# The LDAP query URL
# AuthLDAPURL "ldap://abcdef.gh.com/OU=COLAB,DC=c,DC=com?sAMAccountName?sub?(objectClass=*)"
AuthLDAPURL "ldap://123.45.678.29/OU=abc,OU=dfe,DC=ghij,DC=ab-group,DC=com?sAMAccountName?sub?(objectClass=*)"
Require valid-user
AuthUserFile "G:\svn\svn_projects_passwords"
