You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by ma...@gmx.net on 2003/06/26 08:46:58 UTC
User authentification for repository access (apache/ssl)
hi @ll
i am runnign apache 2.0.46 / svn 0.24.2 using https.
everything works fine so far, but i wonder how to authentificate the users
w/o using a .htaccess file.
i tried a apache module called mod_auth_shadow, this works fine, but uses
only the local users on the system.
has anyone used svn/apache w/ NIS authentification?
has anyone an idea whether this would work?
-> the repository can only be accessd from an intranet w/ ssl.
thx for helping me so much.
greetz
achim
--
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: User authentification for repository access (apache/ssl)
Posted by "Martin v. Löwis" <ma...@v.loewis.de>.
mailing.lists@gmx.net writes:
> i tried a apache module called mod_auth_shadow, this works fine, but uses
> only the local users on the system.
You should be able to use standard Basic authentication (mod_auth) as
well, just provide a proper passwd file. Notice that authorization
applies to the entire repository; use mod_authz_svn for per-path
authorization.
> has anyone used svn/apache w/ NIS authentification?
Apache does not support NIS. You need to dump the NIS database
repeatedly into a file (e.g. using ypcat/niscat). We run Apache on the
NIS master, and set the AuthUserFile to point to /var/yp/somewhere.
> -> the repository can only be accessd from an intranet w/ ssl.
You might consider using SSL client authentication instead of
username/password; this would require creating certificates for all
users. We are moving towards that infrastructure, so that users don't
have to type their NIS passwords on every repository operation.
HTH,
Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org