An example about how to configure WebDav Subversion with authentication and authorization
Requirements:
1. /svn/acme/trunk has been configured with Read/Write access (authorization) for all of users under dev_eng LDAP group (authentication)2. require to congiure an outsourcing development under /svn/acme/branches/outsourcing with only Read/Write access (authorization) for all of users under outsourcing_dev (authentication)
Configuration procedures:
1. create a new outsourcing_dev LDAP group (for authentication) with all of outsourcing developers2. create a svn access file for outsourcing_dev Read/Write access (for authorization), /etc/httpd/conf.d/svn-access-control with contents as below
[groups]
outsourcing_dev = user1, user2
[acme_outsourcing:/branches/outsourcing]
@outsourcing_dev = rw
3. insert outsourcing_dev under /etc/httpd/conf.d/subversion.conf
# acme outsourcing repository
<Location "/svn/acme-outsourcing">
DAV svn
SVNPath /svn/repositories/acme
SVNReposName "Subversion Repository [acme-outsourcing]"
AuthzSVNAccessFile /etc/httpd/conf.d/svn-access-control
# Specify the type of authentication system to use.
AuthType Basic
# Specify the authorization realm for use in HTTP authentication.
AuthName "ACME Subversion Repository"
# Specify the authentication provider for this location.
AuthBasicProvider ldap
# Prevent other authentication modules from authenticating the user if this one fails.
AuthzLDAPAuthoritative on
# Specify the LDAP server, the base DN, the attribute to use in the search,
# as well as the extra search filter to use.
AuthLDAPURL "ldap://acme:389/OU=Corp Accounts,DC=acme,DC=com?sAMAccountName?sub?(objectClass=*)" NONE
# Specify the DN to bind with during the search phase.
AuthLDAPBindDN "CN=srv-svn-ldap,OU=No-logon-rights,OU=Generic,OU=Corp Accounts,DC=acme,DC=com"
# Specify the password to bind with during the search phase.
AuthLDAPBindPassword uCG4Q79hkG
# Require a valid user.
Require ldap-group CN=acme_outsourcing,OU=Distribution,OU=Corp Groups,DC=acme,DC=com
</Location>
4. restart Apache Web service