RE: non-svn authz best practice

Isn't 1.5 slated to have a more pluggable authentication architecture?

I remember making a mental note that we'd get (windows domain auth in my case) authentication options in the 1.5 release?

-----Original Message-----
From: Peter Karman [mailto:peter_at_peknet.com]
Sent: Tuesday, March 11, 2008 7:55 AM
To: users_at_subversion.tigris.org
Subject: non-svn authz best practice

Greets.

First, a big thanks to all the svn devs. I have used the tool for years and Can't Live
Without It[tm].

Second, my organization is on the brink of implementing a large scale svn hosting project.
We'd like to use LDAP for both auth and authz. A trip through the mail archives this
morning tells me that there have been several threads started and aborted over the last
couple years about defining project requirements for non-svn-based authz, including a
patch to mod_authz_svn.c.[0]

The svn book suggests that a start-commit hook is the ideal place to do auth/authz checks.
I am writing today to ask

(a) is there any movement afoot to implement non-svn authz, esp LDAP-based authz, and
(b) is the start-commit hook still the recommended way to implement authz aside from the
already-existing mod_authz_svn, and if so
(c) is it recommended to set SVNPathAuthz off in mod_dav_svn config if using start-commit
to do authz?

TIA,
pek

[0] http://svn.haxx.se/dev/archive-2006-07/0966.shtml

-- 
Peter Karman  .  peter@peknet.com  .  http://peknet.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org