[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: User management

From: David Weintraub <qazwart_at_gmail.com>
Date: Thu, 16 Oct 2008 12:26:10 -0400

I'd recommend svnmanager too, but that's for http.

The password file in Subversion is a text file, so it shouldn't be too
difficult to write some sort of script to manage this. This could be
placed in a web interface via CGI scripting, using PHP, JavaScript, or
some other mechanism. Heck, it doesn't have to be in the same
directory as the repository. You can set where this file in your
svnserve.conf file. The svnserve process doesn't have to have write
permissions, but does need read permissions.

The real issue is security: If you have a process that allows others
to update this file, you have the possibility that others can also
read this file and see other people's passwords. After all, it is in
clear-text format.

I did this about three years ago back in the Subversion 1.2 days. Took
me about three to four hours to get a Perl script running via CGI to
do what I want.

Another possibility is to do this via SASL. This is a new feature of
Subversion 1.5, so I haven't tried this yet, but it is documented in
the Subversion book. See <http://peek.snipurl.com/4f272>
[svnbook_red-bean_com] and <http://snipurl.com/4f280>
[asg_web_cmu_edu] for more information.

Or, you can use the old standby: svn+ssh:// as your protocol. This can
be a bit tricky to setup, but it isn't too difficult. The big problem
is that this works best for Unix sites that use the standard Unix
security. It could be possible if you use Samba to do this via Windows
security too, but that gets a little messy.

David Weintraub
On Wed, Oct 15, 2008 at 10:37 PM, Robert Dailey <rcdailey_at_gmail.com> wrote:
> Hi,
> Currently I'm using svnserve to host my repository. One of the main concerns
> I have is reliably and efficiently creating users for my repository. I'm
> always having to manually add users to the passwd file and giving them
> passwords. I would like them to be able to set their own password through
> some sort of web interface. Something that would be a bit better is to have
> them visit a website where they create an account and I later approve it,
> and until I approve it, I could set unauthorized new accounts to have only
> read access. Approval might give them write access.
> Is there such a thing? I don't want to have to resolve to http:// protocol
> for SVN because it's much slower, so if I can make that a last resort it
> would be great.
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-10-16 18:26:40 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.