Using SASL for LDAP/mod_authz_ldap

Darren Hartford dhartford at
Wed Oct 22 10:38:42 EDT 2008

Hey all,


Usecase blurb:

I've been trying to follow the *many* threads on both tigris and
collabnet where people are trying to get the 'svnserve' tool setup to
use SASL w/ ldap.  No one has met with success, or if they have there is
insufficient information to reproduce.


Discussions around saslauthd, auxprop, PAM, and EXTERNAL bounce around.


Most people have gone back to using apache/httpd with the mod_svn_dav
module to expose and secure their SVN repositories.  I personally have
had success securing with the mod_authz_ldap module.

<Location /svn>

  DAV svn

  SVNParentPath /var/svnroot

  AuthzSVNAccessFile /etc/opt/CollabNet_Subversion/conf/svn_access_file

  AuthType   Basic

  AuthName  "SVN repo"

  AuthLDAPURL   ldap://..../dc=blah, ou=blah?uid

  AuthBasicProvider file ldap

  AuthUserFile /etc/top/Collabnet_Subversion/conf/svn_auth_file

  AuthzLDAPAuthritative on

  AuthLDAPGroup AttributeIsDN off

  AuthLDAPGroupAttribute memberUid

  Require valid-user




How can we setup sasl to use an existing mod_authz_ldap setup for
securing another service such as 'svnserve' that uses SASL to re-use
already known security configurations?





-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Cyrus-sasl mailing list