Need help with Redmine.pm (for redmine-git-hosting) to use LDAP for authentication

Added by Gabriella Turek 3 months ago

Hello there, I've successfully installed and configured redmine-git-hosting + https access but I am having issues with authentication. Initially I set up authentication via the DB, but because I am using LDAP no password is being saved in the DB so I need to configure my http virtual host file for LDAP authentication. It is only mentioned in Redmine.pm that it is possible but It's not clear how to do it. Any help would be highly appreciated
Gaby

Replies (4)

RE: Need help with Redmine.pm (for redmine-git-hosting) to use LDAP for authentication - Added by Martin Denizet (redmine.org team member) 3 months ago

Hello,
This Apache2 conf works for me with LDAP on Debian 8 with latest Redmine vanilla, without plugins:

    # /git location for users
    # Git Smart HTTP configuration
    #From the Remine.pm patch file for git-smart-http:
    SetEnv GIT_PROJECT_ROOT /opt/gws/repos/git/
    SetEnv GIT_HTTP_EXPORT_ALL

    ScriptAlias /git/ /usr/lib/git-core/git-http-backend/

    PerlLoadModule Apache::Redmine

    <Location /git>
        <RequireAll>
                AuthName "git repositories" 
                Require valid-user
                AuthUserFile /dev/null
        </RequireAll>

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN "DBI:mysql:database=redmine;host=localhost" 
        RedmineDbUser "redmine" 
        RedmineDbPass "myredminemysqlpassword" 
        RedmineGitSmartHttp yes
    </Location>


Cheers,

RE: Need help with Redmine.pm (for redmine-git-hosting) to use LDAP for authentication - Added by Gabriella Turek 3 months ago

The vanilla setup does not work when you use LDAP in Redmine. The database does not contain the passwords, only the user names. The script mentions LDAP as a separate case, but does not go into detail on how to implement.
Gaby

RE: Need help with Redmine.pm (for redmine-git-hosting) to use LDAP for authentication - Added by Martin Denizet (redmine.org team member) 3 months ago

As said above, that's what I use for LDAP authentication for git on Redmine.
You don't have to take my word for it, see for yourself in the source: http://www.redmine.org/projects/redmine/repository/entry/tags/3.4.5/extra/svn/Redmine.pm#L32
That said, as written in the source, some Perl packages are required to be able to query LDAP (Perl script handles repository authentication).
If you cannot get it working, maybe you're missing these packages?
On Debian/Ubuntu:

apt-get install libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl libauthen-simple-ldap-perl libio-socket-ssl-perl

Your Apache error log can provide useful information to troubleshoot Redmine.pm problems.
Cheers,

RE: Need help with Redmine.pm (for redmine-git-hosting) to use LDAP for authentication - Added by Gabriella Turek 3 months ago

OK, it works thanx, I was trying to do something wrong to begin with

(1-4/4)