You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Peter Karman <pe...@peknet.com> on 2008/03/11 14:55:02 UTC
non-svn authz best practice
Greets.
First, a big thanks to all the svn devs. I have used the tool for years and Can't Live
Without It[tm].
Second, my organization is on the brink of implementing a large scale svn hosting project.
We'd like to use LDAP for both auth and authz. A trip through the mail archives this
morning tells me that there have been several threads started and aborted over the last
couple years about defining project requirements for non-svn-based authz, including a
patch to mod_authz_svn.c.[0]
The svn book suggests that a start-commit hook is the ideal place to do auth/authz checks.
I am writing today to ask
(a) is there any movement afoot to implement non-svn authz, esp LDAP-based authz, and
(b) is the start-commit hook still the recommended way to implement authz aside from the
already-existing mod_authz_svn, and if so
(c) is it recommended to set SVNPathAuthz off in mod_dav_svn config if using start-commit
to do authz?
TIA,
pek
[0] http://svn.haxx.se/dev/archive-2006-07/0966.shtml
--
Peter Karman . peter@peknet.com . http://peknet.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: non-svn authz best practice
Posted by Shawn Talbert <st...@exploreconsulting.com>.
Isn't 1.5 slated to have a more pluggable authentication architecture?
I remember making a mental note that we'd get (windows domain auth in my case) authentication options in the 1.5 release?
-----Original Message-----
From: Peter Karman [mailto:peter@peknet.com]
Sent: Tuesday, March 11, 2008 7:55 AM
To: users@subversion.tigris.org
Subject: non-svn authz best practice
Greets.
First, a big thanks to all the svn devs. I have used the tool for years and Can't Live
Without It[tm].
Second, my organization is on the brink of implementing a large scale svn hosting project.
We'd like to use LDAP for both auth and authz. A trip through the mail archives this
morning tells me that there have been several threads started and aborted over the last
couple years about defining project requirements for non-svn-based authz, including a
patch to mod_authz_svn.c.[0]
The svn book suggests that a start-commit hook is the ideal place to do auth/authz checks.
I am writing today to ask
(a) is there any movement afoot to implement non-svn authz, esp LDAP-based authz, and
(b) is the start-commit hook still the recommended way to implement authz aside from the
already-existing mod_authz_svn, and if so
(c) is it recommended to set SVNPathAuthz off in mod_dav_svn config if using start-commit
to do authz?
TIA,
pek
[0] http://svn.haxx.se/dev/archive-2006-07/0966.shtml
--
Peter Karman . peter@peknet.com . http://peknet.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org