svn+ apache + ldap 配置

svn+ apache + ldap 配置：

<Location />

  # Uncomment this to enable the repository
  DAV svn

  # Set this to the path to your repository
  #SVNPath /var/lib/svn
  # Alternatively, use SVNParentPath if you have multiple repositories under
  # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
  # You need either SVNPath and SVNParentPath, but not both.
  SVNParentPath /opt/svn

  # Access control is done at 3 levels: (1) Apache authentication, via
  # any of several methods.  A "Basic Auth" section is commented out
  # below.  (2) Apache <Limit> and <LimitExcept>, also commented out
  # below.  (3) mod_authz_svn is a svn-specific authorization module
  # which offers fine-grained read/write access control for paths
  # within a repository.  (The first two layers are coarse-grained; you
  # can only enable/disable access to an entire repository.)  Note that
  # mod_authz_svn is noticeably slower than the other two layers, so if
  # you don‘t need the fine-grained control, don‘t configure it.

  # Basic Authentication is repository-wide.  It is not secure unless
  # you are using https.  See the ‘htpasswd‘ command to create and
  # manage the password file - and the documentation for the
  # ‘auth_basic‘ and ‘authn_file‘ modules, which you will need for this
  # (enable them with ‘a2enmod‘).
  AuthType Basic
  AuthName "Subversion Repository"
  #AuthUserFile /etc/apache2/dav_svn.passwd

  # To enable authorization via mod_authz_svn
  AuthzSVNAccessFile /etc/apache2/dav_svn.authz

#------------------------ldap配置------------------------------------------

  # 在ldap找不到账号的情况下可以使用其它的认证方式(如,密码文件)
  AuthzLDAPAuthoritative off  
  # openLDAP的管理账户 
  AuthLDAPBindDN "cn=admin,dc=zdy,dc=org"
  AuthLDAPBindPassword admin
  AuthBasicProvider ldap

  # 认证数据来源："dc=zdy,dc=org" 下所有子entity的uid作为认证用户名
  AuthLDAPURL "ldap://192.168.2.209:389/dc=zdy,dc=org?uid?sub?(objectClass=*)"

  # 设置目录权限，实现列表所有工程目录 
  Options Indexes FollowSymLinks
  Order allow,deny
  Allow from all

#--------------------------------------------------------------------

  # The following three lines allow anonymous read, but make
  # committers authenticate themselves.  It requires the ‘authz_user‘
  # module (enable it with ‘a2enmod‘).
  #<LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  #</LimitExcept> 

</Location>