[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

SVN LADP Group Authentication

From: Ashwin Basagouda Patil <ashwin.patil_at_robosoftin.com>
Date: Wed, 30 Jan 2008 20:38:45 +0530

Dear All,

Sorry for asking again with new subject line, but please note that I never
received any response from any one for this my request. Please help me in
this regards.

Please read full mail. Please excuse me if it so long. I tried to explain
my configuration.

We recently upgraded our SVN server to 1.4.5 and apache 2.054 also it is
configured for authentication to SVN by user in LDAP. It is working fine
for all the users.

Now we are need of group authentication, I mean the users present in a
group of LDAP should grant the access to SVN, if group name is mentioned in
the SVN_Authorization file.

I have virtual hosting for the apache configuration:

Apache configuration: ssl.conf file

##################### start of file #######################################
NameVirtualHost *:443
LDAPTrustedCA /usr/local/apache2/conf/ssl/cacert.pem
LDAPTrustedCAType BASE64_FILE
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<IfDefine SSL>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/usr/local/apache2/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache2/logs/ssl_mutex
AcceptMutex flock
SSLEngine on
SSLCipherSuite ALL:!ADH:!
EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache2/conf/ssl/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl/server.key
SSLCACertificateFile /usr/local/apache2/conf/ssl/cacert.pem

####################### test_at_robosoft.co.in ###############################

<VirtualHost *:443>
        ServerName test.robosoft.co.in
        ServerAdmin root_at_robosoftin.com
        DocumentRoot /Volumes/Projects/test/
  <Location />
        DAV svn
        SVNPath /Volumes/Projects/Subversion/Projects/test/

        AuthName "Robosoft Technologies Pvt Ltd"
        AuthType Basic
        
AuthLDAPUrl "ldaps://roboserver.robosoft.co.in/cn=users,dc=RoboServer?cn"
# Auth on
        Require ldap-group cn=groups,dc=RoboServer?cn

# Our access control policy
        
AuthzSVNAccessFile /Volumes/Projects/Subversion/Projects/test/test.txt
</Location>
       ErrorLog /Volumes/Projects/Subversion/Projects/test/error.log
       CustomLog /Volumes/Projects/Subversion/Projects/test/access.log
common
<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
       SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2/cgi-bin">
       SSLOptions +StdEnvVars
</Directory>
       SetEnvIf User-Agent ".*MSIE.*" \
       nokeepalive ssl-unclean-shutdown \
       downgrade-1.0 force-response-1.0

</VirtualHost>

</IfDefine>

##########################################################################

Also IO have the bello configuration in my SVN_Authorization file as listed
bellow.

Path : as mentioned in ssl.conf file

AuthzSVNAccessFile /Volumes/Projects/Subversion/Projects/test/test.txt

[/]
ashwin = r
name2 = r
name3 = r
name4 = r
* =

[/dir1]
ashwin = rw
name2 = r
name3 = rw
name4 = rw
* =

[/dir1/dir2]
ashwin = rw
name2 = r
name3 =
name4 = r
* =

[/dirA]
ashwin = rw
name2 = r
name3 =
name4 = r

[/dirA/dirB]
ashwin = rw
name2 = r
name3 =
name4 = r
* =

#################END OF FILE AuthzSVNAccessFile ########################

Please help me how I can success to authenticate a user present in the LDAP
dir group and group name is mentioned in "AuthzSVNAccessFile".

Thanks in Advence.
Ashwin Patil

-----------------------------------------------
Robosoft Technologies - Come home to Technology

Disclaimer: This email may contain confidential material. If you were not an intended recipient, please notify the sender and delete all copies. Emails to and from our network may be logged and monitored. This email and its attachments are scanned for virus by our scanners and are believed to be safe. However, no warranty is given that this email is free of malicious content or virus.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-01-30 16:09:34 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.