[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Subversion Authentication

From: Nico Kadel-Garcia <nkadel_at_gmail.com>
Date: Mon, 29 Nov 2010 19:32:17 -0500

On Mon, Nov 29, 2010 at 2:42 PM, Patrick Brennan
<Patrick.Brennan_at_zaisgroup.com> wrote:
> Hello,
>
>
>
> We have a default install of Subversion software and our users are
> requesting Authentication be setup for our Developers Domain group and a
> Domain group in another sister domain.

What is a "default install"? A Linux box with RPM's from RPMforge, a
Windows server with a particular toolkit, or what?

Any Apache based server that can handle mod_auth_kerb can use the
underlying Kerberos login names and passwords that Active Directory is
built on. That doesn't get you "group" management, but it's a starting
place. Be aware that Linux and UNIX and CygWin svn command line
clients, by default, will store the HTTP or HTTPS passwords in clear
text in the user's home directory: this is why I generally refuse to
use this.

But if you can somehow prevent such access, or have confidence in your
users not to use such tools, it should be straightforward to set up.
Group information and privileges, well, you'd have to give better
ideas of what you're trying to allow, and what you're trying to
prevent. And you *really* need to go read the Subversion book at
http://svnbook.red-bean.com/, focusing on the access control chapters.
Especially look here:
http://svnbook.red-bean.com/en/1.5/svn-book.html#svn.serverconfig.httpd.authn

> We have no idea how to do this to disable everyone from having access which
> they do now and only give access to select domain groups.
>
> Any help would be appreciated.
Received on 2010-11-30 01:32:57 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.