I'm trying to setup a GIT server, authenticated through LDAP. I am using Apache. The GIT client fails when trying to push.
git push
According to the server logs, the problem is with WebDAV PROPFIND command, which is not authenticated by GIT and end up with a 401 http code:
Apache access.log:
192.168.23.199 - - [13/Jul/2017:13:39:27 +0000] "GET /test.git/info/refs?service=git-receive-pack HTTP/1.1" 401 381
192.168.23.199 - johndoe [13/Jul/2017:13:39:27 +0000] "GET /test.git/info/refs?service=git-receive-pack HTTP/1.1" 200 59
192.168.23.199 - johndoe [13/Jul/2017:13:39:27 +0000] "GET /test.git/HEAD HTTP/1.1" 200 23
192.168.23.199 - - [13/Jul/2017:13:39:27 +0000] "PROPFIND /test.git/ HTTP/1.1" 401 381
My config file contains a LimitExcept:
<Location />
Dav on
AuthBasicProvider ldap
AuthLDAPURL "ldap://server:3268 server:3268 server:3268 server:3268/dc=mydc,dc=local?sAMAccountName,distinguishedName,memberOf,displayName"
AuthLDAPBindDN "CN=documentation,OU=Script-Users,OU=Orange,DC=qconsulting,DC=local"
AuthLDAPBindPassword "xxxxx"
AuthType Basic
AuthName "AD Authorization required"
<LimitExcept PROPFIND>
Require valid-user
</LimitExcept>
AllowOverride None
Options FollowSymLinks Indexes
RewriteEngine on
RewriteRule ^pub/git$ /pub/git/cgi-bin/gitweb.cgi
RewriteRule ^pub/git/$ /pub/git/cgi-bin/gitweb.cgi
RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /cgi-bin/gitweb.cgi%{REQUEST_URI} [L,PT]
</Location>
The strange thing is that I tried to do PROPFIND request through curl and cadaver. And it fails with curl (401) and it succeeds with cadaver (207)
curl --request PROPFIND http://server/test.git/
Apache Log:
192.168.23.199 - - [13/Jul/2017:11:11:46 +0000] "PROPFIND /test.git/ HTTP/1.1" 207 436
cadaver http://server/test.git/
propnames /
192.168.23.199 - - [13/Jul/2017:11:11:59 +0000] "PROPFIND /test.git/ HTTP/1.1" 401 381
