Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to make Subversion use Linux system accounts for authentication?

Tags:

svn

apache2

webdav

I've set up a Ubuntu Server for Subversion with Apache/WebDAV interface to share repositories with other developers. My question is, how can I make Subversion use the linux system accounts for authentication? This would lead to very easy Subversion account management. Subversion with Apache/WebDAV is currently working with this configuration:

Contents of /etc/apache2/mods-available/dav_svn.conf:

<Location /svn>
  DAV svn
  SVNParentPath /home/svn
  SVNListParentPath On
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd
  Require valid-user
</Location>

I have tried changing AuthUserFile /etc/apache2/dav_svn.passwd with AuthUserFile /etc/shadow with no success. This makes the server to respond with a error 500 internal server error. It's logical, why the Web service should have access to system authentication file?

Thanks a lot in advance!

like image 801
Alejandro García Iglesias Avatar asked Dec 23 '10 22:12

Alejandro García Iglesias

People also ask

What is SVN authentication?

Windows Authentication is a key feature of VisualSVN Server. This feature is designed for Active Directory domain environments and allows users to access VisualSVN Server with their Windows credentials.

What is SVN account?

SVN stands for Subversion. So, SVN and Subversion are the same. SVN is used to manage and track changes to code and assets across projects.

How do I add users to SVN?

svn Administering SVN Create new userSpecify user_name with the username you wish to add in above command. It will prompt to provide password for the user. If you are creating very first user, you need to add –c switch in above command, which will create the file.

1 Answers

Ok! I did it! And I thought it would be very hard to find the answer!

We have to tell Apache to use an "external authentication provider", Apache won't be checking for authentication, but will delegate the task to an external authenticator, in this case, the marvellous pwauth.

So the steps I did to make it work was:

  1. Install Mod_Auth_External module for Apache2 and pwauth

    sudo apt-get install libapache2-mod-authnz-external pwauth

  2. Enabled the new module for Apache: sudo a2enmod authnz_external in terminal.

  3. Configured my apache.conf (or you may have httpd.conf) to add the external authenticator (based on this article):

    AddExternalAuth pwauth /usr/local/libexec/pwauth
SetExternalAuthMethod pwauth pipe

  4. Edited my /etc/apache2/mods-available/dav_svn.conf to set the new external auth provider:

    ...
AuthType Basic
AuthName "Subversion Repository"
AuthBasicProvider external
AuthExternal pwauth
Require valid-user
...

  5. Tested and worked fine!

like image 95
Alejandro García Iglesias Avatar answered Sep 27 '22 20:09

Alejandro García Iglesias
Sign in to Comment

Related questions

Subversion Vendor Branches
Working locally with Git when main repository is SVN
SVN (Subversive in Eclipse) - compare branch to trunk?
What goes into Source Control?
(405 Method Not Allowed) in response to MKACTIVITY During Committing on Google Code
Piping data on Windows command prompt
What is the best practice for sharing a Visual Studio Project (assembly) among solutions
SVN commit with old date/time
what is tool like TortoiseSVN(Windows) on ubuntu? [closed]
SVN - how do I commit previous version back into svn?
SVN Error when committing Access denied: 'foobar' MKACTIVITY MYREPO:
SVNKit or JavaHL in Ubuntu 64 bits
Is it possible to rename svn tag
What's the best way to use SVN to version control a PHP site?
How to do internal svn:externals
How to repair obstructed directories in working copies
git-svn workflow for merging using svn.pushmergeinfo
IIS7 and ARR as reverse proxy for Subversion
Eclipse SVN synchronize problem
How to change the SVN URL to commit to?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!