LDAP authentication configuration for SVN under CentOS

Source: Internet
Author: User
Tags ldap

Prerequisite: Complete the basic installation of SVN

First, install SASL related components
# Yum install-y cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain

Second, view the SASL version and the authentication module provided
# saslauthd-v

Third, modify the SASL user authentication mode for LDAP
# Cp/etc/sysconfig/saslauthd/etc/sysconfig/saslauthd.save # sed-i ' s/mech=pam/mech=ldap/'/ETC/SYSCONFIG/SASLAUTHD

Iv. Modify the SASL configuration file (new if not present)
# vi/etc/saslauthd.conf (The following information is configured according to the LDAP Service)ldap_servers:ldap://192.168.1.2ldap_bind_dn:cn=chengdu , dc=sichuan,dc=comldap_bind_pw:xxxxxxldap_search_base:dc=sichuan,dc=comldap_filter:uid=%  3Ldap_auth_method:bindldap_mech:DIGEST-32786

V. Restart the SASL service to test
# systemctl Restart SASLAUTHD # testsaslauthd-u User-p password

Six, modify the configuration file svn.conf, does not exist the new, currently do not know the role of this file
# vi/etc/sasl2/svn.conf Pwcheck_method:saslauthdmech_list:plain Login

Seven, restart the SASL service, and do the SVN related configuration
# Cat svnserve.conf [General]anon-access = Noneauth-access = write#password-db = passwd Authz-db ==/opt/svn/migu/spms[sasl]use-SASL = True

Eight, testing

Currently switched to LDAP authentication, theSVN service no longer calls the passwd file and no longer uses the user in Authz, but the permissions control of the LDAP user needs to be set in Authz.

A) take a user of LDAP as an example (chenhongyuwx),Authz do not modify permissions, use this user to access

Log in using the password for login SPMs

Login failed with no access permission

b) Authz read-only permission to CHENHONGYUWX, access using this user

Log in with the password of login SPMs, log in successfully, explain chenhongyuwx have Read permission, meet the configuration requirements

Upload file, use chenhongyuwx user commit failed, because chenhongyuwx only read permission, no write permission, meet the configuration requirements

c) Authz permission to read and write to chenhongyuwx, accessed using this user

Uploading the file, using chenhongyuwx user commit succeeds because Authz has read and write permissions set for it.

LDAP authentication configuration for SVN under CentOS

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.