我在Windows Server 2003上运行Apache/SVN,通过LDAP/Active Directory和平面文件进行身份验证.
除了任何 LDAP用户都可以访问所有内容之外,它工作得很好.我希望能够按用户或组限制SVN存储库.
理想情况下,我会得到这样的东西:
<Location /svn/repo1>
# Restricted to ldap-user1, file-user1, or members of ldap-group1,
# all others denied
</Location>
<Location /svn/repo2>
# Restricted to ldap-user2, file-user2, or members of ldap-group2,
# all others denied
</Location>
真正的诀窍可能是我有混合身份验证:LDAP和文件:
<Location /svn>
DAV svn
SVNParentPath C:/svn_repository
AuthName "Subversion Repository"
AuthType Basic
AuthBasicProvider ldap file
AuthUserFile "svn-users.txt" #file-based, custom users
AuthzLDAPAuthoritative On
AuthLDAPBindDN ldapuseraccount@directory.com
AuthLDAPBindPassword ldappassword
AuthLDAPURL ldap://directory.com:389/cn=Users,dc=directory,dc=com?sAMAccountName?sub?(objectCategory=person)
Require valid-user
</Location>
在我的谷歌搜索中,我看到有些人通过authz像这样拉入文件来实现这一点:
<Location /svn>
...
AuthzSVNAccessFile "conf/svn-authz.txt"
</Location …