# subversion apache LDAP?



## bigearsbilly (May 29, 2011)

I've setup a subversion server using the Apache mod_dav as the method. Obviously I want fine grained control of users. AFAIK it seems I could have htpasswd files for each repository, which will be a nightmare to maintain. Most of my clients will be Windows users so I don't want to create user accounts for them.

I will have many repositories, and I want users to have different access on different repos. e.g: johnc can rw java and Vstudio but only read server repo. I don't want to maintain different htpasswd files hence passwds for different users on  different repos I would like a central database where I can control it. 

Would LDAP do this? Or any other suggestions? Stress: I don't want to have users on the BSD box.


----------



## Sylgeist (May 31, 2011)

Yes, you can do that. If you set up your svn repositories in a standard way /usr/local/svn/reposname and use mod_ldap/authldap. That way you are using LDAP for auth and the dav.authz file for r/rw access.

The only issue (that I know of) with this method is that you can't do per-group LDAP access.


----------



## bigearsbilly (Jun 1, 2011)

Thanks for the reply. I've got it running just using apache htpasswd and groups files. which isn't too bad with our small company for the moment (at least I have something to show).

I'm planning on using nagios also and no doubt other toys for people to use, so a centralised authority would be the way to go. Remembering most of my clients are on Windows. I think I'll have to set aside time to study ldap.

Much obliged.


----------

