[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Subversion with Active Directory for Authentication -- Strategies

From: Daragh Fitzpatrick <Daragh_at_UChicago.edu>
Date: 2004-05-17 20:43:44 CEST

This is regarding your Active Directory part:

I'm looking into PubCookie (pubcookie.org) as an SSO solution that
integrates with Apache - we are using TRAC as the web front-end to SVN.
[PubCookie also integrates with IIS, but I don't know how an AD bridge would
work - maybe PubCookie<->LDAP on AD?]

I'll let you know how I get on.

Cheers,

          :D

--------------------------------------------------------------------
Daragh Fitzpatrick Daragh@UChicago.edu (773) 702-8976

Solutions Architect NSIT Administrative Systems
Renewal Projects and Architecture University of Chicago
--------------------------------------------------------------------
-----Original Message-----
From: David CM Weber [mailto:david.weber@backbonesecurity.com]
Sent: Monday, May 17, 2004 1:38 PM
To: users@subversion.tigris.org
Subject: Subversion with Active Directory for Authentication -- Strategies

Hey everyone. I searched the archives and checked w/ google, but didn't
find anything directly applicable.

I'm in the process of setting up subversion. My subversion server's
configuration is below

The subversion server will have multiple repositories hung off of it
e.g.: http://subversion_server/svn/repo1,
http://subversion_server/svn/repo2, ...

For each repository, I'd like to require different group membership using
apache's "require group" syntax (not seen below)

I'm not sure exactly how to get this to work. Would a .htaccess file in the
repository directory be sufficient?

My question (I guess) revolves mostly around which strategy would be best.
I'd almost prefer the flexibility of restricting groups to read/write at
directories within a repository, but realize that this might be asking too
much.

Any suggestions would be appreciated. Thanks!

--------------------------------------------------------

LoadModule dav_svn_module modules/mod_dav_svn.so
<Location /svn>

    DAV svn
    SVNParentPath /svnroot

    AuthType Basic
    AuthName "Please Login"
    AuthLDAPURL "ldap://server1 server2/<BASE DN
HERE>?sAMAccountName?sub?(objectClass=user)"
    AuthLDAPBindDN "<BIND DN HERE>"
    AuthLDAPBindPassword <PASSWORD>
    require valid-user

</Location>
--------------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon May 17 20:45:25 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.