Branch level permissions using Active Directory

1 view
Skip to first unread message

crunchcrunch

unread,
Dec 17, 2007, 1:29:18 PM12/17/07
to Repos Server
Hello all

I'm not sure if this is the appropriate group to be posting to, and if
not please let me know where I can post this question.

Is there anyone to setup Active Directory user permissions on branches
within a repository?

Thank you

Staffan Olsson

unread,
Dec 17, 2007, 1:55:30 PM12/17/07
to repos...@googlegroups.com
Hello,

I've never used Active Directory, but I might be able to point in some
directions.

Standard subversion access control is stored in a flat file. You'll
find it as "Subversion ACL" in the start menu folder for Repos Server.
The syntax is documented here:
http://svnbook.red-bean.com/en/1.4/svn.serverconfig.pathbasedauthz.html
If you're comfortable with storing permissions in a local file and if
usernames rarely change it might work for you.

Have you already connected Apache to Active Directory for
authentication? I guess there are common solutions for that.
It is also possible to use Apache to configure access control at the
HTTP level. Directives like Limit, LimitExcept and Require might be
useful. However this is tricky because most of the auth directives
apply only to Directory sections, which can't be used for repository
locations. See the apache manual
http://httpd.apache.org/docs/2.2/howto/auth.html for documentation.
mod_rewrite is another option, but it usually takes a lot of effort to
configure.

If you want some way to store permissions in Active Directory I don't
have a clue. My guess is that you'd have to rely on a 3rd party module
or filter connecting those permissions to Apache.

You can also try posting to the Subversion mailing list (see
http://subversion.tigris.org/).

/Staffan

Reply all
Reply to author
Forward
0 new messages