[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: [TSVN] Authentication With Samba

From: Hughes, Trystan <Trystan.Hughes_at_assetco.com>
Date: 2005-06-14 11:16:41 CEST

>All users in my company are on Windows, it just that we house some Linux servers in the server room, which is where SAMBA comes into it I presume - I ain't an admin guy :).
>
>I've come across PAM which can be used by APache to authenticate against. You here of this?
>
>
>Yes, PAM stands for Pluggable Authentication Modules which is the Linux
>standard for authorization and authentication of users for various
>services against various backends. That's where "pluggable" comes in --
>as long as the auth service speaks PAM, you could convert from using,
>say, the /etc/passwd file to SAMBA or LDAP (which is probably what your
>SAMBA setup is actually using on the backend) or anything else and none
>of your services will even notice the change.

>If SAMBA is already working for logins, you're most of the way there.
>All you need now is mod_auth_pam on your Apache server, then an
>"AuthPAM_Enabled on" directive to control your Subversion <Location>
>block or virtual server or however you have it set up, along with
>"Require user <user-list>" or "Require valid-user", etc. See
><http://pam.sourceforge.net/mod_auth_pam/> for download and
>configuration info.

>Then, in /etc/pam.d, you will need a file named "httpd" (I think the
>mod_auth_pam creates one by default) that looks like the following:
>#%PAM-1.0
>auth required pam_stack.so service=system-auth
>account required pam_stack.so service=system-auth

>This tells mod_auth_pam to "bubble up" requests for authorization to the
>"system-auth" service (which should already exist in /etc/pam.d).
>Basically, this means that if they can log in to the Linux box, they can
>authenticate in Apache. You can winnow down this list using "Require
>User" or "Require Group" in httpd.conf if you don't want everyone to be
>able to commit.

Uhm, just to note that SVN Subversion will be installed on a new Windows Server 2003 machine, and so will Apache2 server.

Will this be a problem? Because looking at the website you provided, its seems the mod_auth_pam module is obnly available for Linux.

Thanks

Tryst

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org

The views expressed in this e-mail are not necessarily the views of AssetCo Group Limited,
its directors, officers or employees make no representation or accept any
liability for its accuracy or completeness unless expressly stated to the contrary.
This e-mail, and any attachments are strictly confidential and intended for the addressee(s) only.
The content may also contain legal, professional or other privileged information. Unless expressly
stated to the contrary, no contracts may be concluded on behalf of AssetCo Group Limited by means of
e-mail communication. You may report the matter by calling us on +44 (0)118 906 8000.
Please ensure you have adequate virus protection before you open or detach any documents from this
transmission. AssetCo Group Limited does not accept any liability for viruses. AssetCo Group Limited
is registered in England: Company number: 4450947
Registered Office: Davidson House, Forbury Square, Reading, Berkshire RG1 3GA
Received on Tue Jun 14 11:13:39 2005

This is an archived mail posted to the TortoiseSVN Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.