[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Dual Authentication (LDAP/file authentication)

From: Richard Orta <rorta_at_handango.com>
Date: 2007-08-28 06:10:58 CEST

Hello!

We are using Subversion and Apache with LDAP for authentication. We have
a good configuration for accessing the LDAP service. For example, one of
our project repositories would use a configuration similar to the
following:

 

LoadModule dav_svn_module modules/mod_dav_svn.so

LoadModule authz_svn_module modules/mod_authz_svn.so

 

<Location /project1>

        DAV svn

        SVNPath /home/svn/repositories/project1

        AuthType Basic

        Options Indexes FollowSymLinks

        AllowOverride None

        Order Deny,Allow

        Deny from all

        Allow from mycompany.com

        AuthName "svnauthority"

        SVNAutoversioning on

        AuthLDAPURL
ldap://ldap-server.mycompany.com:389/OU=Departments,OU=ManagedUsers,DC=m
ycompany,DC=com?sAMAccountName

        AuthLDAPBindDN "CN=svnauthority,CN=Users,DC=mycompany,DC=com"

        AuthLDAPBindPassword "********"

        Require valid-user

</Location>

 

 

But, now we have a need for an account that is not tied to LDAP. This
pseudo-account will be created locally on the Unix server running
Apache/Subversion by using htpasswd. In other words, it will not have an
LDAP or /etc/passwd entry. It will only exist in the password file
(created by htpasswd) . So, we want the server to check LDAP first, then
if the account is not found, check the local file for the password.

 

Does any know how to configure Subversion/Apache to allow for
authentication using both LDAP and the local password file?

 

If this is already in the mail list, my apologies. I've been looking all
day and have not found it, yet.

 

Thanks!

--Richard

 

 

 
Received on Wed Aug 29 17:30:52 2007

This is an archived mail posted to the Subversion Users mailing list.