[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Apache/LDAP/SVn --- ldap using Read-Only/READWRITE groups for each repository?

From: Parker, Michael <mparker_at_qualcomm.com>
Date: 2007-09-26 00:00:00 CEST

Ok,

I am having problems configuring Apache, LDAP, and SVN into one nice piece.
What I am setting up one Parent SVN directory then attempting to perform the
control with Apache Location, and Limit directives.

My goal, at each repository level to have projects R/W and Read-Only based on
different LDAP Groups.

Here is what I have been trying without real success that I can see, can you
all suggest what I should be doing here?

I'd like to do all the protections using LDAP groups as we have a method of
selected group changes by designated administrators. Maintaining the standard
file would be much more painful for us.

HELP?

Thanks.

Michael Parker
mparker@qualcomm.com

------------------
<Location /svn>
        DAV svn
        SVNParentPath /repo
        SVNListParentPath on
        AuthBasicProvider ldap
        AuthzLDAPAuthoritative On
        AuthType Basic
        AuthName "IT Subversion Repository"
        AuthLDAPURL ldap://ldap/ou=people,o=company?uid?sub
        require ldap-group cn=svn-access, ou=groups,o=company
        IndexOptions FancyIndexing HTMLTable IconsAreLinks XHTML VersionSort
</Location>
#
# for the sandbox location
#
<Location /svn/sandbox>
        require ldap-group cn=svn-access,ou=qgroups,ou=groups,o=company
</Location>
#
# now for a real project
#
<Location /svn/project1>
        <LimitExcept GET PROPFIND OPTIONS REPORT>
         require ldap-group cn=project1-rw, ou=groups,o=company
        </LimitExcept>
        require ldap-group cn=project1-ro, ou=groups,o=company
</Location>
#
# another company
#
<Location /svn/project2>
        <LimitExcept GET PROPFIND OPTIONS REPORT>
         require ldap-group cn=project2-rw, ou=groups,o=company
        </LimitExcept>
        require ldap-group cn=project2-ro, ou=groups,o=company
</Location>

  • application/x-pkcs7-signature attachment: smime.p7s
Received on Wed Sep 26 00:00:28 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.