Guest User

SVN WebDAV LDAP apache example

a guest
Mar 24th, 2017
250
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #mount /subversion as a separated partition to ease backup and restore
  2.  
  3. #when setting up the server, debugging is a good option
  4. LogLevel debug
  5.  
  6. # Enable separated Subversion logging
  7. CustomLog /subversion/logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
  8.  
  9. #specify here root ca cert of ldap server
  10. LDAPTrustedGlobalCert CA_BASE64 /etc/yourcompany/root.pem
  11. LDAPVerifyServerCert On
  12. LDAPTrustedMode SSL
  13.  
  14. #Force SSL site access only
  15. <VirtualHost *:80>
  16. ServerName svn.yourcompany.net
  17. UseCanonicalName Off
  18. ServerAdmin administrator@yourcompany.net
  19. DocumentRoot /subversion/Repositories
  20. Redirectmatch permanent (.*) https://svn.yourcompany.net$1
  21. </VirtualHost>
  22.  
  23. <VirtualHost *:443>
  24. ServerName svn.yourcompany.net
  25. ServerAdmin administrator@yourcompany.net
  26. DocumentRoot /subversion/Repositories
  27. SSLEngine on
  28. SSLCertificateFile /etc/yourcompany/svn.yourcompany.net.crt
  29. SSLCertificateKeyFile /etc/yourcompany/keys/svn.yourcompany.net.key
  30. SSLCertificateChainFile /etc/yourcompany/root.pem
  31.  
  32. #RedirectMatch ^(/Repositories)$ $1/
  33.  
  34. <Location "/">
  35.  
  36. # Enable Subversion
  37. DAV svn
  38.  
  39. # Directory containing all repository for this path
  40. SVNParentPath /subversion/Repositories
  41.  
  42. # List repositories colleciton
  43. SVNListParentPath On
  44.  
  45. # Enable WebDAV automatic versioning
  46. SVNAutoversioning On
  47.  
  48. # Repository Display Name
  49. SVNReposName "SVN Server"
  50.  
  51. # Do basic password authentication in the clear
  52. AuthType Basic
  53.  
  54. # The name of the protected area or "realm"
  55. AuthName "<http://svn.yourcompany.net>"
  56.  
  57. # Make LDAP the authentication mechanism
  58. AuthBasicProvider ldap
  59.  
  60. # Make LDAP authentication is final
  61. # Option removed on apache 2.4.x
  62. #AuthzLDAPAuthoritative on
  63.  
  64. # Active Directory requires an authenticating DN to access records
  65. # Take note we need the distinguished name, not sAMAccountName
  66. AuthLDAPBindDN "CN=svnserver ldap login,CN=Users,DC=yourcompany,DC=com"
  67.  
  68. # This is the password for the AuthLDAPBindDN user in Active Directory
  69. AuthLDAPBindPassword yoursecretpassword
  70.  
  71. # The LDAP query URL
  72. # use port 3268/3269 to access global catalog
  73. # AuthLDAPURL "ldap://dc01.yourcompany.com:3268/DC=yourcompany,DC=com?sAMAccountName?sub?(objectClass=user)"
  74. AuthLDAPURL "ldaps://dc01.yourcompany.com:3269/DC=yourcompany,DC=com?sAMAccountName?sub?(objectClass=user)"
  75.  
  76. # Require a valid user
  77. Require valid-user
  78.  
  79. # Authorization file
  80. #AuthzSVNAccessFile /subversion/ACL/repos.acl
  81. </Location>
  82. </VirtualHost>
RAW Paste Data