tags:

views:

516

answers:

4
+3  Q: 

Configuring Subversion to use system users/passwords

I'm using Subversion 1.6.1 with Apache, on a Linux machine. The server is running over http, not https.

I want to allow people to authenticate using the same login/password that they use to log into the machine via SSH. The SVN manual only explains how to use HTTP Basic Auth and Digest authentication. But with these approaches, I need to maintain a separate list of users, and they can't change their own passwords. I'd prefer to just use the system's users.

  1. How do I do this?
  2. Is this wise?
+2  A: 

Any particular reason not to just access it via svn + ssh, since they have accounts?

simon  2009-04-30 15:24:57
HTTP may be preferable if access via the Internet is a requirement (SSH is blocked by many corporate firewalls, such as at my work).
Craig McQueen  2009-05-01 01:35:38
Craig: sure, that's why I asked if there was a particular reason for this, rather than just stating this was the way to do it. svn+ssh is the easy way in this situation if it will work, but it won't work on every network.
simon  2009-05-01 15:39:41
+2  A: 

I would say this is a perfect serverfault question.

BUT, I do it using WebDav in Apache and pwauth.

Tom Ritter  2009-04-30 15:29:11
Likewise, but with mod_auth_shadow.
sharth  2009-04-30 15:32:58
+1  A: 

We have authentication against a windows domain set up with mod_auth_sspi. No problems so far.

Wim Coenen  2009-05-01 01:29:05
mod_auth_sspi wouldn't work on a Linux box, would it? I thought that was a Windows-only solution.
Craig McQueen  2009-05-01 01:36:49
Apparently it can also be used on linux: http://svn.haxx.se/users/archive-2006-03/0931.shtml
Wim Coenen  2009-05-01 01:42:36
+2  A: 

The question mentions basic/digest auth. First, note that basic/digest auth refers to the protocol between server and browser to communicate the user/password (on Apache 2.2, using authentication front-end modules such as mod_auth_digest and mod_auth_basic).

Behind the scenes, Apache can use a number of different sources of user/password information to check against. mod_authn_file which uses a "password file" is a common one, and it sounds as though that's what you're referring to.

To access the system user/password on a Linux box, Apache project itself doesn't provide any authentication back-end modules, but there are 3rd-party ones available. See this article which may be helpful:

Apache 2.2 authentication with mod_authnz_external

Craig McQueen  2009-05-01 01:54:43
Thanks for the clarification...that's helpful.
JW  2009-05-01 05:35:21

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?