[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[PATCH] Authentication for svnserve using LDAP

From: Ivlev, Eugene <eivlev_at_esignaldev.com>
Date: Sat, 02 Feb 2008 15:53:40 +0300
[PATCH] Authentication for svnserve using LDAP [PATCH] Authentication for svnserve using LDAP

New feature.

Cyrus SASL library supports authentication using LDAP.
But in Windows platform it can't be using cause:

// from Cyrus SASL documentation (components.html)
saslauthd - This calls out to the saslauthd daemon, which also ships with the distribution. The saslauthd daemon has a number of modules of its own, which allow it to do verification of passwords in a variety of ways, including PAM, LDAP, against a Kerberos database, and so on.
// from Cyrus SASL documentation (components.html)

// from Cyrus SASL documentation (windows.html)
Note, that Cyrus SASL on Windows is still laregely a "work in progress". So far only the main library, plugins (SASLDB using SleepyCat, no MySQL) and several applications (see the list below) can be built. In particular, saslauthd doesn't compile on Windows.
// from Cyrus SASL documentation (windows.html)

Last version of Cyrus SASL is 2.1.22 from 2006.05.19.

Authentication for svnserve using LDAP. Information about LDAP setting contains in svnserve.conf.
Example:

[ldap]
Server=ldap://dc1:389/
Base=OU=PrivateUsers,OU=TSSupportUsers,DC=nwork,DC=local
BindName=CN=LDAPSvcAccount,OU=ServiceAccount,OU=TSSupportUsers,DC=nwork,DC=local
BindPass=supersvcpass
UserIdAttr=sAMaccountName

For compilation You are also should get the open_ldap or novell-cldap library.
Compile without preprocessor directive SVN_HAVE_SASL.

[[[
Authentication for svnserve using LDAP.

* subversion/include/svn_ra_svn.h
(svn_ra_svn_basic_server): New function declaration.

* subversion/include/svn_config.h
(SVN_CONFIG_SECTION_LDAP, SVN_CONFIG_OPTION_LDAP_SERVER, SVN_CONFIG_OPTION_LDAP_BASE, SVN_CONFIG_OPTION_LDAP_BIND_NAME,
SVN_CONFIG_OPTION_LDAP_BIND_PASS, SVN_CONFIG_OPTION_LDAP_USER_ID_ATTR): New options for svnserve.conf.

* subversion/libsvn_ra_svn/ra_svn.h
(svn_ra_svn_basic_client): New function declaration.

* subversion/libsvn_ra_svn/internal_auth.h
(svn_ra_svn__do_internal_auth): Adds new mechanism.

* subversion/libsvn_ra_svn/basic.c
(ldap_config_struct): New struct.
(get_ldap_config): New function.
(ldap_open_and_bind): New function.
(ldap_authentication): New function.
(svn_ra_svn_basic_server): New function.
(svn_ra_svn_basic_client): New function.
]]]

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org

Received on 2008-02-02 15:38:51 CET

This is an archived mail posted to the Subversion Dev mailing list.