subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roberto Medula Espa├žo <roberto.med...@gmail.com>
Subject LDAP group rules is ignored
Date Mon, 19 Jul 2010 18:20:31 GMT
Hi.

Excuse my English.

I'm trying to create the following scenario:

- repository:
    - name = my_software
    - group that can checkout and/or commit = power_group
    - group that can only checkout = read_group

I'm using Apache mod_dav configured as following:

DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Repo SVN"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldap://localhost:389/ou=peopole,dc=example,dc=com?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN on
AuthLDAPBindDN "uid=svndav,ou=people,dc=example,dc=com"
AuthLDAPBindPassword "mylittlesecret"
Require ldap-group cn=svndav,ou=groups,dc=example,dc=com
Require valid-user
SSLRequireSSL

So, it isn't work.

If I comment the line 'Require ldap-group' at least subversion ask to
user and password and authenticates fine, only existing user/password
can checkout/commit.

But, of course, I want that only an specific group can checkout and/or commit.

If I leave uncommented "Require ldap-group" and/or
"AuthLDAPGroupAttribute" lines,

not even the 'svndav' user specified directly in Apache Dav config is
able to checkout.

Yes, I've put both in the group 'svndav' specified in Apache Dav config.

Can anyoune help me?

[]s
Alexander
Brazil

Mime
View raw message