Using SASL for LDAP/mod_authz_ldap
Darren Hartford
dhartford at ghsinc.com
Wed Oct 22 10:38:42 EDT 2008
Hey all,
Usecase blurb:
I've been trying to follow the *many* threads on both tigris and
collabnet where people are trying to get the 'svnserve' tool setup to
use SASL w/ ldap. No one has met with success, or if they have there is
insufficient information to reproduce.
Discussions around saslauthd, auxprop, PAM, and EXTERNAL bounce around.
Most people have gone back to using apache/httpd with the mod_svn_dav
module to expose and secure their SVN repositories. I personally have
had success securing with the mod_authz_ldap module.
<Location /svn>
DAV svn
SVNParentPath /var/svnroot
AuthzSVNAccessFile /etc/opt/CollabNet_Subversion/conf/svn_access_file
AuthType Basic
AuthName "SVN repo"
AuthLDAPURL ldap://..../dc=blah, ou=blah?uid
AuthBasicProvider file ldap
AuthUserFile /etc/top/Collabnet_Subversion/conf/svn_auth_file
AuthzLDAPAuthritative on
AuthLDAPGroup AttributeIsDN off
AuthLDAPGroupAttribute memberUid
Require valid-user
</Location>
Question:
How can we setup sasl to use an existing mod_authz_ldap setup for
securing another service such as 'svnserve' that uses SASL to re-use
already known security configurations?
Thanky,
-D
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20081022/7fd0e7a7/attachment.html
More information about the Cyrus-sasl
mailing list