Re: Can i read/write(based on LDAP group) to SVN without using AuthzSVNAccessFile directive

From: Branko Čibej <brane_at_apache.org>
Date: Mon, 7 Aug 2017 10:32:55 +0200

On 07.08.2017 10:10, Kedar Sirshikar (ksirshik) wrote:
>
> Hi Brane,
>
> Thank you for reply.
>
>
>
> I am providing some inputs about my experiement as of now.
>
> I am using ‘httpd-2.2.15-54.el6.centos.x86_64’ httpd.
>
> I have attached ldif file and ‘/etc/httpd/conf.d/subversion.conf’
> files for your reference.
>
> I have also attached ‘sssd.conf’ (to interact with LDAP).
>
>
>
> Still I have not been able to grant read access to gidNumber: 500 and
> read/write access to gidNumber: 491 from ldap.
>
> Do you see any obvious issue in attached files? Your advice will be a
> great help!
>

Looks like you're missing two bits:

  * the AuthLDAPGroupAttribute is probably needed
  * you don't use the whole group distinguished name in the Require
    lines (the common name is missing).

As far as I know, mod_ldap won't search the whole subtree for valid
group names, you have to list them explicitly.

-- Brane
Received on 2017-08-07 10:32:53 CEST

This message: [ Message body ]
Next message: greg_at_gregj.me: "RE: svn commit failing - username not sent on the MERGE webdav command"
Previous message: Kedar Sirshikar (ksirshik): "Re: Can i read/write(based on LDAP group) to SVN without using AuthzSVNAccessFile directive"
In reply to: Kedar Sirshikar (ksirshik): "Re: Can i read/write(based on LDAP group) to SVN without using AuthzSVNAccessFile directive"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]