LDAP Groups and Git Source Code Hosting

We want to host our own repositories in our Company. We need LDAP support especially with Groups. So I want that User from Group A can’t access Projects of Group B. Not even Read it, if it is not allowed.

I also don’t want to use https. So best is, if the user logs into the webpage (LDAP login) and uploads his SSH key. After that he should be able to see only projects/repositories for his LDAP group or for all Groups he is in.

  • deploying a website/webapp via git/gitolite permissions error
  • Why is the git command to switch branches named “git checkout”?
  • What are the advantages of writing a Maven plugin in Groovy compared with Java?
  • Git: restricting the master branch?
  • git review doesn't work? but I am able to see my changes when I do a push. What am I doing wrong?
  • Move code from Mercurial to Bitbucket
  • Thank you for Your Help!
    Joerg

  • Capistrano release not publishing
  • git push fails: `refusing to update checked out branch: refs/heads/master`
  • LibGit2Sharp get all commits since {Hash}
  • Angular2 .gitignore
  • New git diff compaction heuristic isn't working
  • Redmine And Bitbucket Git
  • 2 Solutions collect form web for “LDAP Groups and Git Source Code Hosting”

    Found a helpful solution. I used Gitolite and wrote my own script. Gitolite allows you to use a script to ask the LDAP/AD for the groups. With this Website you can create your own SSH-Key form. For browsing the repos, you can use gitweb with gitolite! Besides the SSH-Key-Form I got everything is up & running.

    You could use an authorization layer like Gitolite, which would then be able to get group information through LDAP scripts.
    The native way of accessing the repo managed by Gitolite would remain SSH.

    Large sites often have LDAP servers that already contain user and group information, including group membership details.
    Such sites may prefer that gitolite just pick up that info instead of having to redundantly put it in gitolite’s config file.

    All you need is a script that, given a username, queries your LDAP or similar server, and returns a space-separated list of all the groups she is a member of.
    If an invalid user name is sent in, or the user is valid but is not part of any groups, it should print nothing.

    Git Baby is a git and github fan, let's start git clone.