SCMLife.com

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 15507|回复: 1

[求助] svn: Authentication error from server: SASL(-13): user not found: no secret in d

[复制链接]
发表于 2011-6-6 10:12:37 | 显示全部楼层 |阅读模式
本帖最后由 ths0516 于 2011-6-6 10:23 编辑
$ J2 M/ V2 U+ U! V' @0 ~1 ?( t1 [7 u2 \) F* p2 F4 ?, s: ?6 j
错误信息为  F7 U  q' A  w. _2 v9 L
svn: Authentication error from server: SASL(-13): user not found: no secret in database
# Q+ [3 x6 Q7 s0 t4 `  N  \' a7 R参考
, M% U. P- {# A0 {/ e$ D6 D8 l% Fhttp://scaner.blog.com/2011/03/23/svnserve-windows-ad%E9%9B%86%E6%88%90/
- }& c- i# ^8 v  M# ?7 `* v现在的报错信息是我仅仅配置了 svnserve.conf,不知道如何配置svn.conf
0 o. F3 Y. w% t$ h查找资料,有人说需要建立svn.conf来实现sasl的认证!; ~% Z2 E7 v( g" C8 ~
1、不清楚svn.conf的具体位置4 F& f7 {* R( l" }$ A' l' X4 ]0 Y
2、如果想实现域认证,怎么处理
* r* W# ^* }; \* B) Z+ J9 M: g+ r4 @  H4 t) M
已经实现了svn.conf来实现sasl的认证,svn.conf的格式为,我把文件的路径放在了 /usr/lib/sasl2/下,内容:
! A: t' @1 V- d0 c( Mpwcheck_method: auxprop
# p6 I& I+ {! ?0 a: s# A  F- tauxprop_plugin: sasldb
+ g, G9 [) ?( V8 O/ lsasldb_path: /testsvn/repos/conf/svn_sasldb2 F! ?9 ~4 Z7 ^  b/ I, E
mech_list: DIGEST-MD5+ ?' ?! y9 i) d
参考:http://svnbook.red-bean.com/en/1.5/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl
2 B6 V" j0 }3 X但这仅仅是实现svn+sasl,我也可以实现如果手动添加svn用户。" n2 k+ ~- C" P1 v' j" P( b. [
saslpasswd2 -c -f /testsvn/repos/conf/svn_sasldb -u svn_realm test-svn
; D2 B  w  Z# {7 z$ X手动添加SVN用户可以实现sasl访问,好象不是我要实现WINDOWS域认证7 H8 A) Y' ]7 A8 G  x
svn.conf参考
& T; n6 N+ ^5 e  I+ [* Thttp://www.svnforum.org/threads/36297-SVN-with-LDAP-via-SASL7 l7 e8 P/ [  h( @' A+ z) v( v5 V
完成了LDAP via SASL 的验证,测试sudo testsaslauthd -u user -p passwd 也没有问题!' N* ]4 G3 ]2 y8 b
SVN新建立的测试库,svnserve.conf的配置文件为:; ]! I6 m$ Z' f: z& ~

: a& @) w6 t. o: k& T### This file controls the configuration of the svnserve daemon, if you
8 i' j" X. V+ `" Z4 E2 x1 p) t### use it to allow access to this repository.  (If you only allow
7 {. ]6 c; g+ E### access through http: and/or file: URLs, then this file is
' q- S6 n" p1 ^0 T1 m4 w" j6 P* K### irrelevant.)- Q- k+ _# ^! i) d  g8 S1 z
### Visit http://subversion.tigris.org/ for more information.
# G* Y4 k* g3 `) D$ ~4 ][general]
/ D; q: y( B0 A) k5 j### These options control access to the repository for unauthenticated# _# _1 U( @% ~, s& G
### and authenticated users.  Valid values are "write", "read",+ d; A5 G+ Z3 Z4 [$ X/ Z; h# B
### and "none".  The sample settings below are the defaults.
1 c6 C* p& L' b7 |# F. X( ?9 d# anon-access = read
# b7 }3 X. a8 m+ D# auth-access = write
" ^% A  c7 [% j& ~  O### The password-db option controls the location of the password
/ Q7 n' V% q# e; h### database file.  Unless you specify a path starting with a /,% F" s- r: \8 g, x2 @: G9 c
### the file's location is relative to the directory containing
0 S( ~5 D( D. d: |### this configuration file.1 l6 F0 L+ `9 E* R
### If SASL is enabled (see below), this file will NOT be used.7 y  M( Z$ f4 T( t" w* n2 J0 ?. O
### Uncomment the line below to use the default password file.0 T# l( G5 G& b% O2 F
# password-db = passwd
& ~1 `# r' X3 B+ G; C* h+ V0 N### The authz-db option controls the location of the authorization
5 ?- y3 W1 m! j( A* P: [) Z### rules for path-based access control.  Unless you specify a path
* N* X1 u% X, t. m6 m: t### starting with a /, the file's location is relative to the the
/ x: k" u( K* `3 e* ^* M### directory containing this file.  If you don't specify an6 ^+ T1 \$ h" y/ h# K
### authz-db, no path-based access control is done.4 [% I7 }$ O2 `
### Uncomment the line below to use the default authorization file.
8 x2 c/ g5 ~% v) T/ V. S. w# authz-db = authz0 A+ C- x7 P: C7 x& N
### This option specifies the authentication realm of the repository.- C) S' h% D& ?6 |: e
### If two repositories have the same authentication realm, they should8 o8 N# q9 c9 Y9 F7 h4 a8 S9 e8 J6 L
### have the same password database, and vice versa.  The default realm
$ c4 T& {2 j; X2 x### is repository's uuid.
0 e5 T/ T4 r) R- s: i: Y6 Brealm = svn_realm
. s' F, }5 o- P2 a/ K9 G[sasl]* T# g: A/ C! Z# r
### This option specifies whether you want to use the Cyrus SASL$ T! K. R; l* w- \
### library for authentication. Default is false.4 F  e/ V# f; k" E8 J( v; M
### This section will be ignored if svnserve is not built with Cyrus1 t* ^0 M2 ^; i
### SASL support; to check, run 'svnserve --version' and look for a line
& t5 E3 u! l* e0 L### reading 'Cyrus SASL authentication is available.'6 B  p# I. H. _' c# j) l- ?
# use-sasl = true
: V) ~1 l0 P2 X; K! puse-sasl = true
7 v9 @3 p: |( M6 b### These options specify the desired strength of the security layer3 v" l4 x- a* c9 u" ~) B
### that you want SASL to provide. 0 means no encryption, 1 means6 r8 g1 S; E* {% ]& a
### integrity-checking only, values larger than 1 are correlated
; j) s8 r. {2 D) V: g### to the effective key length for encryption (e.g. 128 means 128-bit
( o/ P/ W- G2 i6 i5 O; q+ d4 X; u8 K( Q0 I### encryption). The values below are the defaults.; t/ v3 I7 r( s$ J/ x
# min-encryption = 0
% L$ f. q2 k1 V: Imin-encryption = 128
0 S* S  _: l/ r# max-encryption = 256
5 ]6 v6 I1 v1 C" Z/ {2 s! emax-encryption = 256
; E! K0 T6 w" x8 Q- W) l" ~
& w" C# l  v' D% a  J+ b: H3 ?! U
" g3 O. t5 n' r3 r1 ]; s: o3 x
' g% [  ~; l0 q9 V. q  o: D& e) l* y3 u, I$ T2 r) K* m
SVNlog:
0 K0 F9 I0 L, \+ i' _5067 2011-06-06T02:18:19.164499Z 127.0.0.1 - - ERR /build/buildd/subversion-1.6.6dfsg/subversion/libsvn_ra_svn/streams.c 149 210002 Network connection closed unexpectedly& v' y' b* B4 S9 J% h# `
0 K7 U0 }) E. o0 \
 楼主| 发表于 2011-6-11 23:02:19 | 显示全部楼层
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|小黑屋|手机版|无图版|SCMLife.com ( 京ICP备06056490号-1 )

GMT+8, 2018-4-23 20:24 , Processed in 0.062368 second(s), 6 queries , Gzip On, MemCache On.

Powered by SCMLife X3.4 Licensed

© 2001-2017 JoyShare.

快速回复 返回顶部 返回列表