|
Hey all, Usecase blurb: I’ve been trying to follow the *many* threads on both tigris and collabnet
where people are trying to get the ‘svnserve’ tool setup to use
SASL w/ ldap. No one has met with success, or if they have there is
insufficient information to reproduce. Discussions around saslauthd, auxprop, PAM, and EXTERNAL
bounce around. Most people have gone back to using
apache/httpd with the mod_svn_dav module to expose and secure their SVN
repositories. I personally have had success securing with the
mod_authz_ldap module. <Location /svn> DAV svn SVNParentPath /var/svnroot AuthzSVNAccessFile
/etc/opt/CollabNet_Subversion/conf/svn_access_file AuthType Basic AuthName “SVN repo” AuthLDAPURL ldap://…./dc=blah,
ou=blah?uid AuthBasicProvider file ldap AuthUserFile
/etc/top/Collabnet_Subversion/conf/svn_auth_file AuthzLDAPAuthritative on AuthLDAPGroup AttributeIsDN off AuthLDAPGroupAttribute memberUid Require valid-user </Location> Question: How can we setup sasl to use an existing mod_authz_ldap
setup for securing another service such as ‘svnserve’ that uses
SASL to re-use already known security configurations? Thanky, -D |
