[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: svnserve alternate authentication

From: Bradley Molander <molander_at_molandernet.com>
Date: 2005-03-09 20:56:23 CET

    I think supporting svnserve supporting PAM would be a very nive
feature to have. That keeps the subversion API for AUTH simpler and
should allow PAM support to be a compile time option. Creating realms
for apps is pretty easy with PAM. You could auth with system accounts or
one of the many other data sources that have pam modules. Any thoughts
from the the main developers about such support?

Brad

On Wed, 2005-03-09 at 09:03 +1300, Robert Hunter wrote:

> Brad wrote:
> > Has anyone put or heard of any effort into designined an alternate
> authentication > interface for svnserve? Our implementation is in dire need
> of such a mechanism
> > (hundreds of users in an Oracle table used by other development apps)
> [...]
> > If there was a generic interface or an adapter pattern in place it could
> be
> > fairly easy to authenticate with an alternate datasource rather than the
> > users file. Does anyone have any input/information or know where to start?
>
> I've never used svnserve so I could be way off-base here, but it sounds to
> me like PAM would be a sensible mechanism to leverage here.
>
> If you were using svn+ssh, then you could just make sure that SSH is
> using PAM authentication. I guess svnserve currently does *not* support
> PAM -- is it using some kind of "built-in" authentication mechanism
> provided by the APR? If it is, then perhaps it would be possible to patch
> APR to use PAM where available?
>
> I get the feeling there are some platform-neutrality issues I'm missing
> here, though.
>
Received on Wed Mar 9 20:51:53 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.