tags:

views:

47

answers:

1
+2  Q: 

Use LDAP for SVN user authentication

I have an SVN server, and I'd like to use our LDAP server for user authentication. Right now I'm specifying usernames and passwords per repository, which is working OK, but more people are deciding to use this server. And I really shouldn't have access to their passwords. I'd like to use LDAP to authenticate users, and I want to grant access rights to a whole domain rather than specify users individually.

Some (gruesome) details:

  • SVN is running on a windows XP machine. :-(
  • I have both svnserve and http access, but the latter is a very minor concern.
  • I have minimal LDAP knowledge (which is probably why I'm asking this question.)

Finally, if this is a bad idea entirely, or if there's a better solution I would be interested in hearing it.

Thanks!

+3  A: 

svnserve is used whenever you access URLs starting with svn://. All URLs that start with http:// or https:// are handled by Apache. All Subversion clients should be able to handle both of them, and TortoiseSVN doesn't have a problem with them for sure.

Change your Apache config to something like this:

<Location /svn>
    AuthName "My repository"
    AuthType SSPI

    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain MYDOMAIN
    SSPIOmitDomain On
    SSPIOfferBasic On
    SSPIUsernameCase lower

    Require valid-user

    DAV svn
    SVNListParentPath on
    SVNParentPath D:/path/to/repos
    AuthzSVNAccessFile D:/path/to/accessfile
</Location>
Sander Rijken  2010-10-01 18:07:08
That's exactly what I was looking for. So, if I understand, I should have all svn access done through apache and disable the svnserve service?
JoshD  2010-10-01 21:21:53
Also, a note, the Location <Location /svn> causes issues on windows with xampp. I've always had to have <Location /svn/> Just a pointer if anyone else has that issue.
JoshD  2010-10-01 21:23:27
Yeah, you generally don't want to mix svn:// and http:// traffic to the same repository on a single client, that gets confusing.
Sander Rijken  2010-10-02 16:34:30
@JoshD Can you describe your xampp problem a little bit further? Maybe somewhere else than in this question (my twitter is on my profile)
Sander Rijken  2010-10-02 16:36:23

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?