Project

General

Profile

Repositories access control with apache mod dav svn and mod perl » History » Version 2

Nicolas Chuche, 2007-11-18 21:13
TOC

1 1 Nicolas Chuche
h1. Repositories access control with apache mod dav svn and mod perl
2
3 2 Nicolas Chuche
{{>TOC}}
4
5 1 Nicolas Chuche
h2. overview
6
7
In this documentation, we will configure apache to delegate
8
authentication to mod_perl. It's tested on apache2 with mysql and
9
postgresql but should work with allmost every databases for which
10
there is a perl DBD module.
11
12
You need a Redmine re. 860 or later. If your Redmine is older than re .916, download "Redmine.pm":http://redmine.rubyforge.org/svn/trunk/extra/svn/Redmine.pm
13
14
You need to have a working apache on your SVN server and you must
15
install some modules at least mod_dav_svn, mod_perl2, DBI and DBD::mysql (or the
16
DBD driver for you database as it should work on allmost all
17
databases).
18
19
On Debian/ubuntu you must do :
20
21
<pre>
22
  aptitude install libapache2-svn libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl
23
</pre>
24
25
h2. enabling apache modules
26
27
On debian/ubuntu :
28
29
<pre>
30
a2enmod dav
31
a2enmod dav_svn
32
a2enmod perl
33
</pre>
34
35
h2. apache configuration
36
37
You need to copy "Redmine.pm" on your svn server and
38
add something like that to your apache configuration (for example in @/etc/APACHE_DIR/conf.d/@
39
40
You must change the Redmine.pm path and database informations to fit your needs.
41
42
<pre>
43
   PerlRequire /usr/local/apache/Redmine.pm
44
   <Location /svn>
45
     DAV svn
46
     SVNParentPath "/var/svn"
47
48
     AuthType Basic
49
     AuthName redmine
50
     Require valid-user
51
52
     PerlAccessHandler Apache::Authn::Redmine::access_handler
53
     PerlAuthenHandler Apache::Authn::Redmine::authen_handler
54
  
55
     ## for mysql
56
     PerlSetVar dsn DBI:mysql:database=databasename;host=my.db.server
57
     ## for postgres
58
     # PerlSetVar dsn DBI:Pg:dbname=databasename;host=my.db.server
59
60
     PerlSetVar db_user redmine
61
     PerlSetVar db_pass password
62
  </Location>
63
64
   # a private location in read only mode to allow Redmine browsing
65
   <Location /svn-private>
66
     DAV svn
67
     SVNParentPath "/var/svn"
68
     Order deny,allow
69
     Deny from all
70
     # only allow reading orders
71
     <Limit GET PROPFIND OPTIONS REPORT>
72
       Allow from redmine.server.ip
73
     </Limit>
74
   </Location>
75
</pre>
76
77
It will add add two Location directives, one /svn with authentication
78
and access control against the Redmine database for users and one
79
/svn-private in read-only with ip limitation for Redmine browsing.
80
81
And that's done. You can try to browse some public repository with :
82
<pre>
83
svn ls http://my.svn.server/svn/myproject
84
</pre>
85
86
If you try to browse some non public repository, it will ask you a password.