[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authentication proxy for slave Subversion repos

From: Philippe Andersson <pan_at_iba-group.com>
Date: Wed, 29 May 2013 09:03:39 +0200

Hello Daniel,

Thanks a lot for your reply, first of all.

On 29/05/13 01:19, Daniel Shahaf wrote:
> Philippe Andersson wrote on Tue, May 28, 2013 at 09:52:10 +0200:
>> Hello list,
>> We're starting to create slave Subversion repos for installation on
>> remote sites. All of them will svnsync against a single central master
>> at headquarters.
>> Now the question: we would like all users on the remote sites to
>> authenticate against the master (to avoid having replicating that info
>> as well to the slave servers). The authentication on the master is
>> handled through Apache.
>> Is it possible to configure the slave servers to proxy the
>> authentication requests against the master ?
> It's certainly possible (e.g., if you use LDAP authentication you could
> configure an LDAPAuthURL that points to HQ),
In our case, we use "AuthType Basic" on the master server, so there is
no URL, just paths to the users and groups file. The password file for
the Subversion users is generated by a script based on the NIS password
file. Would it work in this case as well ?

> but whoever has access to
> the slave's httpd.conf will be able to disable/change those settings.
This is of no real consequence to us, as we can trust the sysadmins for
the remote replicas.

Cheers. Bye.

Ph. A.

*Philippe Andersson*
Unix System Administrator
IBA Particle Therapy |
Tel: +32-10-475.983
Fax: +32-10-487.707
eMail: pan_at_iba-group.com

Received on 2013-05-29 09:04:30 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.