svn+ apache + ldap 配置

svn+ apache + ldap 配置:
<Location />

  # Uncomment this to enable the repository
  DAV svn

  # Set this to the path to your repository
  #SVNPath /var/lib/svn
  # Alternatively, use SVNParentPath if you have multiple repositories under
  # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
  # You need either SVNPath and SVNParentPath, but not both.
  SVNParentPath /opt/svn

  # Access control is done at 3 levels: (1) Apache authentication, via
  # any of several methods.  A "Basic Auth" section is commented out
  # below.  (2) Apache <Limit> and <LimitExcept>, also commented out
  # below.  (3) mod_authz_svn is a svn-specific authorization module
  # which offers fine-grained read/write access control for paths
  # within a repository.  (The first two layers are coarse-grained; you
  # can only enable/disable access to an entire repository.)  Note that
  # mod_authz_svn is noticeably slower than the other two layers, so if
  # you don‘t need the fine-grained control, don‘t configure it.

  # Basic Authentication is repository-wide.  It is not secure unless
  # you are using https.  See the ‘htpasswd‘ command to create and
  # manage the password file - and the documentation for the
  # ‘auth_basic‘ and ‘authn_file‘ modules, which you will need for this
  # (enable them with ‘a2enmod‘).
  AuthType Basic
  AuthName "Subversion Repository"
  #AuthUserFile /etc/apache2/dav_svn.passwd

  # To enable authorization via mod_authz_svn
  AuthzSVNAccessFile /etc/apache2/dav_svn.authz

#------------------------ldap配置------------------------------------------

  # 在ldap找不到账号的情况下可以使用其它的认证方式(如,密码文件)
  AuthzLDAPAuthoritative off  
  # openLDAP的管理账户 
  AuthLDAPBindDN "cn=admin,dc=zdy,dc=org"
  AuthLDAPBindPassword admin
  AuthBasicProvider ldap

  # 认证数据来源:"dc=zdy,dc=org" 下所有子entity的uid作为认证用户名
  AuthLDAPURL "ldap://192.168.2.209:389/dc=zdy,dc=org?uid?sub?(objectClass=*)"

  # 设置目录权限,实现列表所有工程目录 
  Options Indexes FollowSymLinks
  Order allow,deny
  Allow from all

#--------------------------------------------------------------------

  # The following three lines allow anonymous read, but make
  # committers authenticate themselves.  It requires the ‘authz_user‘
  # module (enable it with ‘a2enmod‘).
  #<LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  #</LimitExcept> 

</Location>



郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。