svn ldap自动授权

时间:2015-07-17 11:39:24

标签: authentication svn ldap

当我们决定转移到SVN的LDAP身份验证时,我假设认证&授权将是自动的,即如果用户登录到网络,subversion将接受用户合法而不会弹出登录对话框,但只是继续生活。不幸的是,到目前为止我们还没有实现这一点。

除其他外,它导致我的源代码管理外联网Web应用程序出现问题,该应用程序曾用于进行用户密码查找(不安全),但现在必须请求授权。

SVN / LDAP应该像我希望的那样工作吗?如果是这样,我需要设置一些神秘的配置项吗?我错过了什么?

我认为这是合适的.conf [当然是编辑和混淆]

#
#
# DO NOT EDIT THIS FILE IT WILL BE REGENERATED AUTOMATICALLY BY SUBVERSION EDGE
#
# If you must make a change to the contents of this file then copy and paste the
# content into the httpd.conf file and comment out the Include statement for
# this file. The httpd.conf file is not modified or generated and is safe for
# you to modify.
#
#

Include "F:\csvn\data/conf/ctf_httpd.conf"
<VirtualHost *:18080>
# SSL is off

# Required for SCRIPT_URI/URL in viewvc libs, not just rewrite rules
RewriteEngine on
RewriteOptions inherit

# Apache will issue sub_req for PATH_INFO on ScriptAlias which
# gives a spurious error message. Setting auth at root level to avoid clogging logs.
<Location />
  AuthType Basic
  AuthName "CollabNet Subversion Repository"
  AuthBasicProvider file ldap
  AuthLDAPUrl "ldap://192.168.0.249:3268/OU=Technical Staff,OU=DomainUsers,DC=snip,DC=net?samAccountName?sub" "NONE"

  AuthLDAPBindDN "CN=subversion,OU=Technical Staff,OU=DomainUsers,DC=snip,DC=net"
  AuthLDAPBindPassword "kasd8asdik"
  LDAPReferrals Off


  AuthUserFile "F:\csvn\data/conf/svn_auth_file"

  Require valid-user
</Location>

# Work around authz and SVNListParentPath issue
RedirectMatch ^(/svn)$ $1/
<Location /svn/>   
   DAV svn
   SVNParentPath "F:/csvn/data/repositories"
   SVNReposName "CollabNet Subversion Repository"

  <IfModule deflate_module>
    SetOutputFilter DEFLATE
  </IfModule>
  AuthzSVNAccessFile "F:\csvn\data/conf/svn_access_file"
  SVNPathAuthz short_circuit
  SVNListParentPath On
</Location>


<Directory "F:\csvn\www\viewVC/docroot">
  AllowOverride None
  Options None
</Directory>
<Location /viewvc-static>
  Require all granted
</Location>
Alias /viewvc-static "F:\csvn\www\viewVC/docroot"

ScriptAlias /viewvc "F:\csvn\bin/cgi-bin/viewvc.cgi"

<Location /viewvc>
  AddDefaultCharset UTF-8
  SetEnv CSVN_HOME "F:\csvn"
</Location>

</VirtualHost>

#
# auth helper endpoint for use by SvnEdge
#        
<VirtualHost localhost:50123>
  <Location "/">
  AuthType Basic
  AuthName "CollabNet Subversion Repository"
  AuthBasicProvider file ldap
  AuthLDAPUrl "ldap://192.168.0.249:3268/OU=Technical Staff,OU=DomainUsers,DC=snip,DC=net?samAccountName?sub" "NONE"

  AuthLDAPBindDN "CN=subversion,OU=Technical Staff,OU=DomainUsers,DC=snip,DC=net"
  AuthLDAPBindPassword "kasd8asdik"
  LDAPReferrals Off


  AuthUserFile "F:\csvn\data/conf/svn_auth_file"


  Require valid-user
  </Location>
</VirtualHost>

1 个答案:

答案 0 :(得分:0)

  

SVN / LDAP应该像我希望的那样工作吗?

  

如果是的话,我需要设置一些神秘的配置项吗?

可能

  

我错过了什么?

显示与SVN相关的完整位置(来自Apache,您使用过它了吗?!)