[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: User Account Maintenance

From: Todd D. Esposito <Todd_at_ToddEsposito.com>
Date: 2005-10-11 16:08:16 CEST


On Tue, October 11, 2005 7:54, Gale, David said:
> What options are there for maintaining user accounts?
> [snip]
> Is there any configuration which would give me this? As near as I can
> tell, I need to pick between options a and b, which is a rather bitter
> thing to accept...

I've been using LDAP-based authentication (via mod_auth_ldap) for my
repositories for some time now, and find it very easy to maintain.

You set up each DAV location as you would for .htpasswd-based
authentication, but use the AuthLDAP parameters instead. Since each
location (if you have more than one repository) will (optionally) have
it's own LDAP filter, you can use an LDAP attribute (field) to gate access
to the several repositories. For example, you could use the 'description'
field to contain something like 'access:myrepos1' and the filter for
myrepos1 would look something like '(&....(description=access:myrepos1))'.
 Since description is a multi-valued field, adding addtional
'descriptions' for additional access is a breeze.

I then use phpLdapAdmin to add/change/delete use accounts.

I also wrote a quick PHP script to allow end users to change their LDAP
password, and made that URL well known.

You could probably do all this with MySQL-based authentication via another
apache auth module, if that's easier for you to set up. Ldap can be a bit
tricky if you haven't used it before.

Just my $0.02. Hope it helps!

- Todd

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Oct 11 16:10:34 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.