Posts

Showing posts from November, 2017

Subversion + HTTP with AD authentication, local authorization, on RHEL7

I wanted our users to be able to user their AD credentials for SVN access. I first thought about putting everything in AD, including two groups for each repo (one read, one write), but I ended up only using AD for authentication, leaving the permissions to a local file since there is only one SVN server. That is how the apache conf file looks like: <VirtualHost *:443>   ServerName servername.domain   ## Vhost docroot   DocumentRoot "/var/www/html"   ## Directories, there should at least be a declaration for /var/www/html   <Location "/repos">     Require valid-user     Require ldap-user     Dav svn     AuthType Basic     AuthName "Use your Windows Credentials"     AuthBasicProvider file ldap     AuthUserFile /etc/httpd/conf/auth-conf-svn     AuthLDAPURL "ldap://DC1/dc=example,dc=domain?sAMAccountName?sub?(objectClass=*)"     AuthLDAPBindDN "...