标签:
svn+ apache + ldap 配置:
<Location />
# Uncomment this to enable the repository
DAV svn
# Set this to the path to your repository
#SVNPath /var/lib/svn
# Alternatively, use SVNParentPath if you have multiple repositories under
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
# You need either SVNPath and SVNParentPath, but not both.
SVNParentPath /opt/svn
# Access control is done at 3 levels: (1) Apache authentication, via
# any of several methods. A "Basic Auth" section is commented out
# below. (2) Apache <Limit> and <LimitExcept>, also commented out
# below. (3) mod_authz_svn is a svn-specific authorization module
# which offers fine-grained read/write access control for paths
# within a repository. (The first two layers are coarse-grained; you
# can only enable/disable access to an entire repository.) Note that
# mod_authz_svn is noticeably slower than the other two layers, so if
# you don‘t need the fine-grained control, don‘t configure it.
# Basic Authentication is repository-wide. It is not secure unless
# you are using https. See the ‘htpasswd‘ command to create and
# manage the password file - and the documentation for the
# ‘auth_basic‘ and ‘authn_file‘ modules, which you will need for this
# (enable them with ‘a2enmod‘).
AuthType Basic
AuthName "Subversion Repository"
#AuthUserFile /etc/apache2/dav_svn.passwd
# To enable authorization via mod_authz_svn
AuthzSVNAccessFile /etc/apache2/dav_svn.authz
#------------------------ldap配置------------------------------------------
# 在ldap找不到账号的情况下可以使用其它的认证方式(如,密码文件)
AuthzLDAPAuthoritative off
# openLDAP的管理账户
AuthLDAPBindDN "cn=admin,dc=zdy,dc=org"
AuthLDAPBindPassword admin
AuthBasicProvider ldap
# 认证数据来源:"dc=zdy,dc=org" 下所有子entity的uid作为认证用户名
AuthLDAPURL "ldap://192.168.2.209:389/dc=zdy,dc=org?uid?sub?(objectClass=*)"
# 设置目录权限,实现列表所有工程目录
Options Indexes FollowSymLinks
Order allow,deny
Allow from all
#--------------------------------------------------------------------
# The following three lines allow anonymous read, but make
# committers authenticate themselves. It requires the ‘authz_user‘
# module (enable it with ‘a2enmod‘).
#<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
#</LimitExcept>
</Location>
标签:
原文地址:http://my.oschina.net/haopeng/blog/376702
