SVN : LDAP / Active Directory Integration

Para configurarmos o serviço SVN com o LDAP ou Active Directory , pode ser seguido o modelo abaixo :

1) Configuração do arquivo /etc/httpd/conf.d/svn_service.conf :

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /RepositorioA/>

  DAV svn
  SVNParentPath "<SVN Root>/repositorioA"
  SVNListParentPath on
  SVNIndexXSLT "/svnindex.xsl"
  AuthType Basic
  AuthName "Subversion Repository"
  AuthBasicProvider "ldap"
  AuthLDAPURL "ldap://<LDAP SERVER>:389/OU=User,DC=Example,DC=COM?sAMAccountName??(objectClass=*)"
  AuthLDAPBindDN "<Domain User>" #Example : EXAMPLE\user_svn
  AuthLDAPBindPassword "*********"

  # To enable authorization via mod_authz_svn
  AuthzSVNAccessFile "/etc/httpd/svn_auth/dav_repo.authz"
    Require valid-user

</Location>

<Location /RepositorioB/>

  DAV svn
  SVNParentPath "<SVN Root>/svn-repository/repositorioB"
  SVNListParentPath on
  SVNIndexXSLT "/svnindex.xsl"
  AuthType Basic
  AuthName "Subversion Repository"
  AuthBasicProvider "ldap"
  AuthLDAPURL "ldap://<LDAP SERVER>:389/OU=User,DC=Example,DC=COM?sAMAccountName??(objectClass=*)"
  AuthLDAPBindDN "<Domain User>" #Example : EXAMPLE\user_svn
  AuthLDAPBindPassword "*********"

  # To enable authorization via mod_authz_svn
  AuthzSVNAccessFile "/etc/httpd/svn_auth/dav_repo.authz"
    Require valid-user
</Location>

2) Definições de políticas para usuário e grupo :

No exemplo abaixo estamos configurando o grupo de acesso para o repositório A e o repositório B e as devidas permissões de escrita e leitura.

#Repo A Group 
team-repoA=client1, client2

#Repo B Group 
team-repoB=client3, client4

[RepoA:/]
@team-repoA = rw
@team-repoB = r

[RepoB:/]
@team-repoA = r
@team-repoB = rw