subversion apache LDAP?

[bigearsbilly]

I've setup a subversion server using the Apache mod_dav as the method. Obviously I want fine grained control of users. AFAIK it seems I could have htpasswd files for each repository, which will be a nightmare to maintain. Most of my clients will be Windows users so I don't want to create user accounts for them.

I will have many repositories, and I want users to have different access on different repos. e.g: johnc can rw java and Vstudio but only read server repo. I don't want to maintain different htpasswd files hence passwds for different users on different repos I would like a central database where I can control it.

Would LDAP do this? Or any other suggestions? Stress: I don't want to have users on the BSD box.

 

[Sylgeist]

Yes, you can do that. If you set up your svn repositories in a standard way /usr/local/svn/reposname and use mod_ldap/authldap. That way you are using LDAP for auth and the dav.authz file for r/rw access.

The only issue (that I know of) with this method is that you can't do per-group LDAP access.

 

[bigearsbilly]

Thanks for the reply. I've got it running just using apache htpasswd and groups files. which isn't too bad with our small company for the moment (at least I have something to show).

I'm planning on using nagios also and no doubt other toys for people to use, so a centralised authority would be the way to go. Remembering most of my clients are on Windows. I think I'll have to set aside time to study ldap.

Much obliged.