81 lines
2.2 KiB
Plaintext
81 lines
2.2 KiB
Plaintext
#
|
|
# This file contains sample configuration to enable LDAP authentication
|
|
# for subversion webdav access. The actual configuration can be more
|
|
# complex than this file depending on your requirement.
|
|
#
|
|
|
|
<Location "/svn">
|
|
DAV svn
|
|
SVNParentPath "@DEPOTDIR@/svnrepo"
|
|
#SVNListParentPath on
|
|
|
|
Order deny,allow
|
|
#Deny from all
|
|
#Satisfy any
|
|
|
|
# Uncomment SSLRequireSSL below to disallow non-SSL access.
|
|
# Note that SSL must be enabled site-wide to use it.
|
|
# SSLRequireSSL
|
|
|
|
AuthType Basic
|
|
AuthName "@PACKAGE@"
|
|
|
|
#
|
|
# configure authentication below
|
|
#
|
|
|
|
#
|
|
# Apache version 2.1 or later
|
|
# mod_authnz_ldap
|
|
#
|
|
AuthBasicProvider ldap
|
|
|
|
# prevent other authenticatication moudles from authenticating users
|
|
# if this one fails. Set it to 'off' for 'require valid-user' as it
|
|
# is handled by mod_authz_user.
|
|
AuthzLDAPAuthoritative on
|
|
|
|
AuthLDAPGroupAttribute memberUid
|
|
AuthLDAPGroupAttributeIsDN off
|
|
AuthLDAPRemoteUserIsDN off
|
|
|
|
# ldap binding information
|
|
AuthLDAPURL ldap://127.0.0.1:389/ou=users,dc=sample,dc=net?uid
|
|
AuthLDAPBindDN cn=admin,dc=sample,dc=net
|
|
AuthLDAPBindPassword xxxxxxx
|
|
|
|
#Require ldap-group cn=users,ou=groups,dc=sample,dc=net
|
|
|
|
# Enable find-grained access control using the access file.
|
|
# The specified file must be located under the repository/conf subdirectory.
|
|
# AuthzSVNRespsRelativeAccessFile requried subversion 1.7 or later.
|
|
# If you're using a older version, there are no automatic repostory
|
|
# protection according to the project type (public/private)
|
|
# You may have to use AuthzSVNAccessFile for manual control globally
|
|
# in such a case.
|
|
# AuthzSVNReposRelativeAccessFile access.conf
|
|
# Satisfy All
|
|
|
|
# allow anynymous/guest for viewing and checking out
|
|
<Limit GET HEAD OPTIONS REPORT PROPFIND>
|
|
# Use 'Allow from all' to allow anonymous access.
|
|
#Allow from all
|
|
|
|
# 'Required valid-user' is more strict in that it requires a valid
|
|
# user name and password. You may create a guest account to supplement
|
|
# anonymous access.
|
|
Require valid-user
|
|
</Limit>
|
|
|
|
# require authentication for other operations
|
|
<LimitExcept GET HEAD OPTIONS REPORT PROPFIND>
|
|
Require ldap-group cn=coders,ou=groups,dc=sample,dc=net
|
|
</LimitExcept>
|
|
|
|
#
|
|
# Apache version 2.0.41
|
|
# mod_auth_ldap
|
|
#
|
|
</Location>
|
|
|