SCMLife.com

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 15216|回复: 1

[求助] svn: Authentication error from server: SASL(-13): user not found: no secret in d

[复制链接]
发表于 2011-6-6 10:12:37 | 显示全部楼层 |阅读模式
本帖最后由 ths0516 于 2011-6-6 10:23 编辑 " @+ {6 m/ M& x; d$ E" ~+ c' O
+ S2 I: J' O6 p4 _8 _" d* m$ j3 y
错误信息为
* i3 u+ j/ x& B0 Xsvn: Authentication error from server: SASL(-13): user not found: no secret in database
2 A# w( n. G) r- q5 H! Q% Y参考4 ?+ x* G, W/ X( z
http://scaner.blog.com/2011/03/23/svnserve-windows-ad%E9%9B%86%E6%88%90/
3 Z) ?/ d. A- N0 }, z现在的报错信息是我仅仅配置了 svnserve.conf,不知道如何配置svn.conf: u5 L& \9 Q+ h
查找资料,有人说需要建立svn.conf来实现sasl的认证!1 m, G! z6 d8 r& o
1、不清楚svn.conf的具体位置7 ?7 U! o2 q' r" f. x: p) Z4 E
2、如果想实现域认证,怎么处理
7 j- a2 C7 @6 d. O% ?  b1 ]
5 j' o2 ^$ R+ c1 J( q/ t7 Z5 j; ]已经实现了svn.conf来实现sasl的认证,svn.conf的格式为,我把文件的路径放在了 /usr/lib/sasl2/下,内容:- O0 o4 R; q. i$ `( Q" H
pwcheck_method: auxprop8 T+ n' j3 X' Q+ d1 ~, `6 ^
auxprop_plugin: sasldb
+ b: x# k7 m5 R3 `( zsasldb_path: /testsvn/repos/conf/svn_sasldb' F3 h1 M9 @8 z% b$ Y/ m1 ]9 u2 B- v
mech_list: DIGEST-MD5: r# D$ o) n% v4 ^/ v
参考:http://svnbook.red-bean.com/en/1.5/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl) ]) y, G9 [3 F% y
但这仅仅是实现svn+sasl,我也可以实现如果手动添加svn用户。
9 k5 n4 M( C8 q3 l+ A' P4 D& Esaslpasswd2 -c -f /testsvn/repos/conf/svn_sasldb -u svn_realm test-svn* _4 N, U5 s4 S, y4 p
手动添加SVN用户可以实现sasl访问,好象不是我要实现WINDOWS域认证* ?- Y+ q5 Y# a* j
svn.conf参考  S8 L( j/ q4 z9 O% u+ U
http://www.svnforum.org/threads/36297-SVN-with-LDAP-via-SASL
: D2 ?$ D. M( E完成了LDAP via SASL 的验证,测试sudo testsaslauthd -u user -p passwd 也没有问题!/ m- i; O/ b) ?0 l
SVN新建立的测试库,svnserve.conf的配置文件为:& O6 Z3 e! t. U

. a3 y  Y( H, R& \. x# j0 B### This file controls the configuration of the svnserve daemon, if you
- A& v; [/ c( W# C### use it to allow access to this repository.  (If you only allow
6 a% t" B) a" |( W5 v4 X### access through http: and/or file: URLs, then this file is0 e# q3 G: b* L& J8 i+ J" @( H
### irrelevant.)# O" ^0 l2 X+ N2 v! h1 k
### Visit http://subversion.tigris.org/ for more information.: u! I; ^* ^/ `! m$ q
[general]- o* s6 e1 k2 M/ R2 x% q: @) l8 [
### These options control access to the repository for unauthenticated, P! ~) F/ v' R9 _
### and authenticated users.  Valid values are "write", "read",7 F1 [9 n$ E4 Y5 H
### and "none".  The sample settings below are the defaults., `7 t9 Z( V, w( _
# anon-access = read
) Y  d' i4 o7 P# auth-access = write7 ]8 k9 L) [: ?8 ~& L' w
### The password-db option controls the location of the password
5 ~6 H) u6 r8 l# d) N3 E### database file.  Unless you specify a path starting with a /,
; b0 R+ P$ W7 g; g### the file's location is relative to the directory containing8 f8 u3 {4 _7 a4 E0 Q
### this configuration file.6 k/ e& x( B* m
### If SASL is enabled (see below), this file will NOT be used.# ~- c( {) h2 t; k, Z( A! T
### Uncomment the line below to use the default password file.
# }; A; s2 ?7 ]; m2 d; u- u0 u# password-db = passwd! O/ Y6 a, z+ e2 p
### The authz-db option controls the location of the authorization: k# O8 B' y, Z2 \0 _+ g
### rules for path-based access control.  Unless you specify a path3 [" |7 t2 i; \, }+ X9 i6 B
### starting with a /, the file's location is relative to the the/ D8 _) B6 v4 G  L
### directory containing this file.  If you don't specify an2 m& E6 b* A: Z7 \! y# o
### authz-db, no path-based access control is done.  H. w" i8 Q* A& L. }6 o0 a
### Uncomment the line below to use the default authorization file.
4 M! I! r6 t' x+ X# authz-db = authz, A& m& m& N. H0 G3 f$ U
### This option specifies the authentication realm of the repository." ?# b! N; X( N, z2 u+ s% C6 s
### If two repositories have the same authentication realm, they should
: [$ b" h* D8 ?1 Y9 `( q" B  e### have the same password database, and vice versa.  The default realm9 F, ]- u+ `1 R  I' N# p
### is repository's uuid.& A9 u9 F5 h5 }0 L3 ?# G9 T
realm = svn_realm% M" X3 m" w( O5 _+ Z( N) |
[sasl]
* D0 T+ A0 n6 l7 L' |  K! b### This option specifies whether you want to use the Cyrus SASL
0 Y. T( |7 b# j/ r### library for authentication. Default is false.* R& N; O( G, E. x- \/ P9 i
### This section will be ignored if svnserve is not built with Cyrus
2 {8 \% A1 `% h; x" x$ f. Y### SASL support; to check, run 'svnserve --version' and look for a line- t* \# \/ G. F$ B( K
### reading 'Cyrus SASL authentication is available.'
5 `5 W  k5 L& {6 k) m: k3 W: z# use-sasl = true
1 v, M8 z( [: n, Xuse-sasl = true( l% T7 v: U: u
### These options specify the desired strength of the security layer7 O: v  f4 U) t4 G- A$ C
### that you want SASL to provide. 0 means no encryption, 1 means; P5 k7 w+ e5 z+ Z: l
### integrity-checking only, values larger than 1 are correlated& K+ j" U. U/ N/ ?) }$ U& e7 S
### to the effective key length for encryption (e.g. 128 means 128-bit3 l- i2 |) {0 r' Q* |/ Q
### encryption). The values below are the defaults.
- b) M) S( u3 C4 l, |# min-encryption = 0# `5 R3 C; f4 t( I- E+ v# M- @
min-encryption = 128
2 O+ F9 }8 [4 p, ^9 H' e7 p# max-encryption = 256
, c: H7 l; U* A1 j0 a8 A2 Vmax-encryption = 256
: c' c6 S4 P+ f: {# s8 n
: [) \+ N& K& p4 Q% f/ ~6 S$ z2 a# y# I1 |5 ~/ \& X

5 o5 _* M9 I4 E3 ^. R4 c( z9 J0 J( d+ x) {( W# l6 ?# C
SVNlog:$ v# D* U$ p! Z/ i. m" h0 f
5067 2011-06-06T02:18:19.164499Z 127.0.0.1 - - ERR /build/buildd/subversion-1.6.6dfsg/subversion/libsvn_ra_svn/streams.c 149 210002 Network connection closed unexpectedly
5 a. \, O2 m* N5 V- m9 O
1 o- X4 W0 c& c, a7 l$ M
 楼主| 发表于 2011-6-11 23:02:19 | 显示全部楼层
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|小黑屋|手机版|无图版|SCMLife.com ( 京ICP备06056490号-1 )

GMT+8, 2018-1-22 03:29 , Processed in 0.062645 second(s), 6 queries , Gzip On, MemCache On.

Powered by SCMLife X3.4 Licensed

© 2001-2017 JoyShare.

快速回复 返回顶部 返回列表