top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Has anyone in here successfully integrated SVN with Active Directory for user authentication?

+1 vote
426 views

Has anyone in here successfully integrated SVN with Active Directory for user authentication? We are currently using FreeIPA and user account management is the bane of my existence. If anyone has or knows of any documentation for integrating Active Directory with SVN (preferably 1.9 since we are going to upgrade to that version) that would be much appreciated.

posted Apr 19, 2016 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

I have, just recently in fact. The trick is to use SASL with LDAP. I only use authentication at this point and don't use AD groups for authorization.

I'm using a RHEL7 as my svn server which bundles SVN 1.7. I can't imagine the configuration of the server would be drastically different from 1.7 to 1.9.

So far the only burr in the saddle has been making sure the clients support SASL/PLAIN -- most do, but Eclipse with Subclipse was a failure.

As long as you're fine with passing credentials in cleartext, then this will work for you. If you need SSL encryption, then you will probably need to add Apache. Trying to get the RedHat-supplied svn and Apache components to work together was a non-starter, and trying to build everything from source on RHEL didn't work either.

answer Apr 19, 2016 by Anderson
Similar Questions
0 votes

Question about the http authentication when using the subversion api 1.8.13.

For example using the svn_client_list3' function: Everytime this function is called the first http request does not contain any Authorization header which leads to a 401 Authorization Required' response.

In my opinion this leads to an unnecessary delay when the function is called multiple times and the same credentials could be used.

When calling this function the svn_client_ctx_t contains an svn_auth_baton_t with set default username and default password parameters.

Now to my actual question:

Can this behaviour somehow be changed or is it just designed to work this way? I also know that the version I'm using is not the newest one so if you think an upgrade to a newer version could lead to some performance improvement please let me know.

0 votes

Is there a way to detect that current directory is the root of SVN repository by reading files into .svn directory ? I think "svn info" could be used for that. Problem is that some machines may not have access to "svn" command line (if using tortoise and svn is not in command PATH for example).

In case "svn info" (or any other command line) is the only way, what would be the proper way to do it ?

+2 votes

I noticed that the size of the .svn/pristine directory can get huge over time (several times the expected size). A "svn cleanup" solves the problem, but

  1. this isn't documented (I'm wondering how many users know that);
  2. this isn't automatic.

About (2), svn could warn the user when a cleanup could be needed. I don't know what is the best solution.

...