On Wed, Oct 27, 2010 at 10:32 AM, Jasper Bal | AdSolutions
<JasperB_at_adsolutions.com> wrote:
> I’ve successfully setup a svn server using Active Directory for
> authentication. Some of my users are from a different office and do not
> exist in the AD. I would like to authenticate them using the standard
> password file instead of adding them to AD.
>
> I am aware of the AuthzLDAPAuthoritative off directive, but cannot find any
> documentation on its use except in combination with anonymous login.
>
> The problem might be that both kinds of authentication are handled in the
> same module (authz_svn_module). Do I need to load a different module to make
> the fall through possible?
>
> Can someone point me to the right documentation?
CollabNet Subversion Edge supports this out of the box and also
provides a web UI for managing those usernames and passwords that are
not in LDAP.
http://www.open.collab.net/products/subversion/
If you want to go your own on this, the directives we use wind up
looking like this:
LoadModule ldap_module lib/modules/mod_ldap.so
LoadModule authnz_ldap_module lib/modules/mod_authnz_ldap.so
<AuthnProviderAlias ldap ldap-users>
AuthLDAPUrl "ldaps://xxx.xxx.sxxxp.collab.net:636/ou=xxx,dc=collab,dc=net?uid?sub?objectClass=*"
"SSL"
AuthLDAPBindDN "cn=xxx,dc=collab,dc=net"
AuthLDAPBindPassword "xxxxx"
</AuthnProviderAlias>
<AuthnProviderAlias file csvn-file-users>
AuthUserFile "/u1/csvn/data/conf/svn_auth_file"
</AuthnProviderAlias>
<Location /svn/>
DAV svn
SVNParentPath "/u1/repositories"
SVNReposName "CollabNet Subversion Repository"
AuthzSVNAccessFile "/u1/csvn/data/conf/svn_access_file"
SVNListParentPath On
Allow from all
AuthType Basic
AuthName "CollabNet Subversion Repository"
AuthBasicProvider csvn-file-users ldap-users
Require valid-user
</Location>
--
Thanks
Mark Phippard
http://markphip.blogspot.com/
Received on 2010-10-27 18:38:48 CEST