[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: SVN+LDAP+APache Access issue.

From: Cooke, Mark <mark.cooke_at_siemens.com>
Date: Wed, 9 May 2012 09:38:19 +0100

> -----Original Message-----
> From: sdevinen [mailto:sriharsha.work_at_gmail.com]
> Sent: 08 May 2012 19:50
> To: users_at_subversion.apache.org
> Subject: SVN+LDAP+APache Access issue.
>
>
> Hi All,
>
> I am new to SVN Administration. I am trying to setup access
> restriction per
> repository.
> for cm_qa repo, i need svn-eng-rw group to have read/write access,
> svn-eng-readonly to have readonly access, and no access to
> anyone outside
> these 2 groups.
>
> Can you please help me with this issue
> <Location /export/svn>
> DAV svn
> SVNParentPath /mnt/data/svn
> SVNListParentPath on
> SSLRequireSSL
> AuthzLDAPAuthoritative off
> AuthName "Protected area"
> AuthType Basic
> AuthBasicProvider ldap
> AuthLDAPUrl "ldap://ldap.xxxxx.com/ou=People,DC=xxxxx,DC=com"
> Require valid-user
> </Location>
>
>
> <Location /export/svn/cm_client>
> require ldap-group cn=svn-xxxxx,ou=Group,dc=xxxxx,dc=com
> require ldap-group cn=svn-kiev,ou=Group,dc=xxxxx,dc=com
> # Require ldap-group cn=svn-eng-readonly,ou=Group,dc=xxxxx,dc=com
> # Require ldap-group cn=svn-eng-rw,ou=Group,dc=xxxxx,dc=com
>
> </Location>
>
> <Location /export/svn/cm_qa>
> DAV svn
> SVNParentPath /mnt/data/svn
> SVNListParentPath on
> SSLRequireSSL
> AuthzLDAPAuthoritative off
> AuthName "Protected area"
> AuthType Basic
> AuthBasicProvider ldap
> AuthLDAPUrl "ldap://ldap.xxxxx.com/ou=People,DC=xxxxx,DC=com"
> <LimitExcept GET PROPFIND OPTIONS REPORT>
> require ldap-group cn=svn-eng-readonly,ou=Group,dc=xxxxx,dc=com
> </LimitExcept>
> require ldap-group cn=svn-eng-rw,ou=Group,dc=xxxxx,dc=com
> </Location>
>
> Thanks in Advance
> Tillu.

As far as I know you cannot do this using vanilla apache.

Answers to similar questions (did you search the list before posting?) generally recommend using a script to poll LDAP and update your repository's path based authorisation file with the group members...

~ mark c

> --
> View this message in context:
> http://old.nabble.com/SVN%2BLDAP%2BAPache-Access-issue.-tp33763590p33763590.html
> Sent from the Subversion Users mailing list archive at Nabble.com.
>
>
Received on 2012-05-09 10:38:59 CEST

This is an archived mail posted to the Subversion Users mailing list.