LDAP – git push over smart HTTP fails with 403

Tags: apache-2.2, git, http, ldap

This has been driving me nuts. I'm running git 1.7.8.rc4 with Apache/2.2.14 on Lucid Ubuntu, and set up LDAP authentication. The authentication seems to be working fine, and I can pull, but I can't push without getting a 403 error.

[Fri Dec 16 20:04:25 2011] [error] [client 10.60.226.130] client denied by server configuration: /opt/tools/libexec/git-core/git-http-backend

My Apache site file:

SetEnv GIT_PROJECT_ROOT /opt/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER

ScriptAlias /git/ /opt/tools/libexec/git-core/git-http-backend/

<Directory "/opt/git">
        Options -Indexes FollowSymLinks
        AllowOverride AuthConfig FileInfo
        Order allow,deny
        Allow from all
</Directory>

<Directory "/opt/tools">
  AllowOverride None
  Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
  Order allow,deny
  Allow from all
</Directory>

<LocationMatch "^/git/.*/git-receive-pack$">
        Order deny,allow
        Deny from all
        AuthName "GIT Repo"
        AuthType Basic
        AuthBasicProvider ldap
        AuthzLDAPAuthoritative off
        AuthLDAPURL "ldap://10.59.10.40:389/dc=shopping,dc=com"
        Require valid-user
</LocationMatch>

Everything I find regarding "client denied by server configuration" says "Add 'Order allow,deny / Allow from all' to the correct Directory entry." It's there, and it's still not working. Any ideas? I know I'm really close and it's probably something super simple.

Best Answer

Solved. The issue was in the LocationMatch block:

Order deny,allow
Deny from all

was causing the 403 error. Change it to be permissive as in the Directory block and it changes to a 401, which turned out to be a problem with the LDAP authentication. I changed the AuthBasicProvider to 'external' and used pwauth as per (pyxzl.net/store/authnz.php)
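
The access-control change the answer describes, written out against the question's `LocationMatch` block as an added example (not part of the original post). It keeps the question's LDAP directives unchanged and assumes Apache 2.2's default `Satisfy All`, under which the host-based check (`Order`/`Allow`/`Deny`) and `Require` must both pass.

```apache
# Before (from the question): host-based access denies every client, so the
# request is rejected with 403 before Basic auth is ever consulted.
#
#   <LocationMatch "^/git/.*/git-receive-pack$">
#           Order deny,allow
#           Deny from all
#           ...
#           Require valid-user
#   </LocationMatch>

# After: let every host through the host-based check and leave the decision
# to authentication. Pushes still need a valid user because Require remains.
<LocationMatch "^/git/.*/git-receive-pack$">
        Order allow,deny
        Allow from all

        # Apache 2.2 default, stated explicitly: BOTH the host check above
        # and "Require valid-user" below must succeed. Do not switch this to
        # "Satisfy Any": combined with "Allow from all" it would accept
        # pushes from unauthenticated clients.
        Satisfy All

        AuthName "GIT Repo"
        AuthType Basic
        AuthBasicProvider ldap
        AuthzLDAPAuthoritative off
        AuthLDAPURL "ldap://10.59.10.40:389/dc=shopping,dc=com"
        Require valid-user
</LocationMatch>

# Expected behaviour after the change: an unauthenticated request to a
# .../git-receive-pack URL gets 401 (credentials requested) instead of 403.
# A 401 that persists with correct credentials points at the auth provider,
# which is the second problem the answer ran into.
```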