LDAP group rules is ignored

From: Roberto Medula Espaço <roberto.medula_at_gmail.com>
Date: Mon, 19 Jul 2010 15:20:31 -0300

Hi.

Excuse my English.

I'm trying to create the following scenario:

- repository:
    - name = my_software
    - group that can checkout and/or commit = power_group
    - group that can only checkout = read_group

I'm using Apache mod_dav configured as following:

DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Repo SVN"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldap://localhost:389/ou=peopole,dc=example,dc=com?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN on
AuthLDAPBindDN "uid=svndav,ou=people,dc=example,dc=com"
AuthLDAPBindPassword "mylittlesecret"
Require ldap-group cn=svndav,ou=groups,dc=example,dc=com
Require valid-user
SSLRequireSSL

So, it isn't work.

If I comment the line 'Require ldap-group' at least subversion ask to
user and password and authenticates fine, only existing user/password
can checkout/commit.

But, of course, I want that only an specific group can checkout and/or commit.

If I leave uncommented "Require ldap-group" and/or
"AuthLDAPGroupAttribute" lines,

not even the 'svndav' user specified directly in Apache Dav config is
able to checkout.

Yes, I've put both in the group 'svndav' specified in Apache Dav config.

Can anyoune help me?

[]s
Alexander
Brazil
Received on 2010-07-19 20:22:02 CEST

This message: [ Message body ]
Next message: Roberto Medula Espaço: "Will Subversion ignore rules files after LDAP configuration"
Previous message: Bastien Semene: "Re: changing svn:externals value in the pre-revprop-change hook"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]