RE: How to authenticate Subversion with SASL2 + LDAP

From: rizzopablo_at_gmail.com [mailto:rizzopablo_at_gmail.com] On Behalf Of Pablo Manuel Rizzo
Sent: Friday, June 12, 2009 12:15 AM
To: users_at_subversion.tigris.org
Subject: Re: How to authenticate Subversion with SASL2 + LDAP

On Thu, Jun 11, 2009 at 11:03, Stefan Sperling <stsp_at_elego.de<mailto:stsp_at_elego.de>> wrote:
On Thu, Jun 11, 2009 at 10:43:13AM -0300, Pablo Manuel Rizzo wrote:
> Hey Andrey, first you say it's not possible, now you say it's all there.
> Is something wrong with you?
I'd say he just didn't know that SASL auth was added to svnserve.
It's a new feature.

> Does anybody know how to use sasl to authenticate subversion with ldap?
The book suggests that you read the SASL documentation to
find out how to configure a given authentication scheme.
Have you read this part of the svnbook?

I quote http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl

 Because SASL provides so many different kinds of authentication mechanisms, it
 would be foolish (and far beyond the scope of this book) to try to describe
 every possible server-side configuration. Instead, we recommend that you read
 the documentation supplied in the doc/ subdirectory of the SASL source code. It
 goes into great detail about every mechanism and how to configure the server
 appropriately for each.

Have you tried that?

Yes, sasl documentation is quite poor, there are no quick tips or how tos. I see many people in this list and many others and forums is looking for a quick how-to too. If someone in this list was able to make it work and is willing to share how, it would be very nice and usefull to publish this information somewhere.

--
Pablo Manuel Rizzo
-------------------------------
http://pablorizzo.com
-------------------------------
I tried for quite some time and couldn’t get it to work.  We have a ‘pure’ Windows environment here, so clients are all Windows XP/Vista and the Subversion server is Windows Server 2003 R2.  In the end I found that CyrusSASL is missing so key files on a Windows deployment and therefore it is not possible in a Windows only environment.  I did see some forum posts that got it working with Linux (can’t remember if it was Linux client, server or both) but I can’t seem to find the posts anymore.
The short of it is I couldn’t get it to work on Windows and I don’t believe it’s possible (at least with any distribution I’ve used).  I believe it is possible from/to linux boxes but I didn’t record the details because it wasn’t relevant to my situation.
Its not a lot of help but it might prevent you wasting a lot of time.
Keith Moore.
#####################################################################################
Attention:
The information contained in this message and or attachments is intended
only for the person or entity to which it is addressed and may contain
confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon,
this information by persons or entities other than the intended recipient
is prohibited. If you received this in error, please contact the sender and
delete the material from any system and destroy any copies.
#####################################################################################
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2361481
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].