On Wed, Mar 31, 2010 at 02:28:53PM -0700, Aaron Turner wrote: > On Wed, Mar 31, 2010 at 2:25 PM, Stefan Sperling <s...@elego.de> wrote: > > On Wed, Mar 31, 2010 at 12:40:13PM -0700, Aaron Turner wrote: > >> On Wed, Mar 31, 2010 at 12:23 PM, Lee Kaufman > >> <lee.kauf...@transmetric.com> wrote: > >> > I have been set the task of setting up SVN and connecting Authentication > >> > and > >> > Authorization to our MS Active Directory system. The SVN is now running > >> > on > >> > a Debian Linux server. I have successfully set up Authenticated to > >> > authenticate users who have access to the SVN system based on a Security > >> > Group in our AD. > >> > > >> > The next task is where I am encountering the difficulty is in Authorizing > >> > individual users to read and write to the individual repositories. From > >> > what I have seen I need I to do this I need a AuthzSVNAccessFile file. > >> > However I have not been able to find any documentation on how to > >> > accomplish > >> > this using AD groups. Below is a simple example. > >> > >> Last time I checked, you can't do authorization via LDAP/AD. Just > >> authentication. Hence the lack of documentation on the subject. > > > > Various wrapper scripts exist which generate an authz rules file > > from data pulled from LDAP/AD directories. I agree that it would > > be nice to have built-in support for this in mod_authz_svn though. > > Do you have a link to such a script? I've occasionally looked for one > and never found it... was planning on writing one someday, but no > point in reinventing the wheel.
Google "svn authz ldap" says: http://www.thoughtspark.org/node/26 This patch to apache httpd also looks interesting: http://mail-archives.apache.org/mod_mbox/httpd-dev/200912.mbox/%3c4b22cfbe....@gmx.net%3e Though I didn't check what became of it. Stefan
