Configuring Subversion to use system users/passwords
I’m using Subversion 1.6.1 with Apache, on a Linux machine. The server is running over http, not https.
I want to allow people to authenticate using the same login/password that they use to log into the machine via SSH. The SVN manual only explains how to use HTTP Basic Auth and Digest authentication. But with these approaches, I need to maintain a separate list of users, and they can’t change their own passwords. I’d prefer to just use the system’s users.
- How do I do this?
- Is this wise?
4 Solutions collect form web for “Configuring Subversion to use system users/passwords”
The question mentions basic/digest auth. First, note that basic/digest auth refers to the protocol between server and browser to communicate the user/password (on Apache 2.2, using authentication front-end modules such as mod_auth_digest and mod_auth_basic).
Behind the scenes, Apache can use a number of different sources of user/password information to check against. mod_authn_file which uses a “password file” is a common one, and it sounds as though that’s what you’re referring to.
To access the system user/password on a Linux box, Apache project itself doesn’t provide any authentication back-end modules, but there are 3rd-party ones available. See this article which may be helpful:
Apache 2.2 authentication with mod_authnz_external
I would say this is a perfect serverfault question.
BUT, I do it using WebDav in Apache and pwauth.
Any particular reason not to just access it via svn + ssh, since they have accounts?
We have authentication against a windows domain set up with
mod_auth_sspi. No problems so far.