Ross Boylan wrote: > Suppose I have apache running in front of a web application and > subversion. > > I am thinking of a scenario in which the web application provides a > login page. However, the user may also browse to web pages served by > subversion. > > Is there a way that my app can have someone log in and then pass the > identity and authentication "up" to appache? In particular, I'd want > this authentication used if the user browsed over to the subversion > repository. > > I'm assume a common source, e.g., LDAP, will provide user and password > information that is the same for my app and apache. > > A final wrinkle is that the application itself may access subversion via > http:// (https?) using either the identity of the user or, perhaps, a > separate identity the application runs under.
I've followed the thread and have one wrinkle to the problem to mention. subversion authentication, by default, is a hash of the encrypted password. simplified description: The svn client generates the hash against the password, sends both user name and the hash, subversion generates a hash against the stored password and compares the two, matching hashes grant write access. read only access doesn't require authentication from subversion. This was done to avoid passing actual login data across the net. Unless you are willing to write a module to enable the functionality you want in Apache, you might be better off in designing your system as a site script. There are a number of existing scripts that allow web browsing of subversion repositories. The write ( commit ) access issue makes a website / apache module a remote possibility, you would have to create the code to use the subversion authentication as a part of it. Jaqui --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
