[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Combining SVN access rights with Active Directory authentication

From: Lieven Govaerts <lgo_at_mobsol.be>
Date: 2006-01-04 23:17:02 CET

Auke,

ask your question on the Subversion users list, I'm sure you'll get detailed
response there: users@subversion.tigris.org.

Lieven.

> -----Original Message-----
> From: Auke Jilderda [mailto:jilderda@dds.nl]
> Sent: woensdag 4 januari 2006 22:29
> To: svn-dev
> Subject: Combining SVN access rights with Active Directory
> authentication
>
> I'm trying to hook up Subversion and Apache2 to Microsoft
> Active Directory but am struggling a bit with exactly what is
> and is not possible at present. I was hoping you can help me
> clarify this.
>
> I know Apache2 with Subversion can authenticate against a
> Microsoft Active Directory service using the SSPI or NTLM
> module when running Apache on Windows respectively UNIX. The
> SSPI module is currently not actively maintained but the
> TortoiseSVN documentation includes a section on how to
> configure it [1] while the NTLM project's home page [2]
> describes how to configure the module.
>
> This works although it leaves the challenge of getting
> clients other than Microsoft Internet Explorer to actually
> ask for credentials. This can be accomplished by having
> Apache use basic authentication for fetching the credentials
> before using SSPI or NTLM for authenticating against
> Microsoft Active Directory, adding the 'SSPIOfferBasic On'
> respectively "NTLMBasicAuth On" directive. Hence,
> configuring the NTLM module for the SVN location as follows works:
> AuthType NTLM
> AuthName "Bogus Repository"
> NTLMAuth On
> NTLMAuthoritative On
> NTLMDomain MSAD01
> NTLMserver wdc1
> NTLMBasicAuth On
>
> So far so good but this naturally leads to a next question:
> Can I define who has access to what using the user accounts
> and groups defined in the Microsoft Active Directory?
>
> I've searched and read up on the topic but am a bit at a loss
> with the multiple authentication and authorisation modules
> out there and Apache 2.2 having things again refactored and
> would really appreciate some pointers.
>
> Thanks,
>
>
> Auke
>
> 1.
> http://tortoisesvn.sourceforge.net/docs/release/TortoiseSVN_en
> /ch03.html#tsvn-serversetup-apache-5
> 2. http://modntlm.sourceforge.net
> 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 3/01/2006
 
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jan 4 23:35:55 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.