[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

LDAP group rules is ignored

From: Roberto Medula Espaço <roberto.medula_at_gmail.com>
Date: Mon, 19 Jul 2010 15:20:31 -0300

Hi.

Excuse my English.

I'm trying to create the following scenario:

- repository:
    - name = my_software
    - group that can checkout and/or commit = power_group
    - group that can only checkout = read_group

I'm using Apache mod_dav configured as following:

DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Repo SVN"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldap://localhost:389/ou=peopole,dc=example,dc=com?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN on
AuthLDAPBindDN "uid=svndav,ou=people,dc=example,dc=com"
AuthLDAPBindPassword "mylittlesecret"
Require ldap-group cn=svndav,ou=groups,dc=example,dc=com
Require valid-user
SSLRequireSSL

So, it isn't work.

If I comment the line 'Require ldap-group' at least subversion ask to
user and password and authenticates fine, only existing user/password
can checkout/commit.

But, of course, I want that only an specific group can checkout and/or commit.

If I leave uncommented "Require ldap-group" and/or
"AuthLDAPGroupAttribute" lines,

not even the 'svndav' user specified directly in Apache Dav config is
able to checkout.

Yes, I've put both in the group 'svndav' specified in Apache Dav config.

Can anyoune help me?

[]s
Alexander
Brazil
Received on 2010-07-19 20:22:02 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.