Wednesday, December 21, 2011

Subversion Deployment-Configuration: Installation/authentication/authorization steps in...

Installing Subversion
  • Execute the command sudo apt-get install subversion  libapache2-svn
    (libapache2-svn package contains: mod_dav_svn,mod_dav_auth to apache 2.2 webserver for dav access over http and https using webdav)
Creation of repository

  • After the subversion installation is completed we need to create repository
  • svnadmin create /home/svn
  • Once the repository creation is completed copy the file mod_dav_svn and mod_dav_auth from the location : c:\svn\bin\mod_dav_svn & c:\svn\bin\mod_dav_auth to c:\program files\apache software foundatino\apache2.2\module
Enabling http access
  • open the file c:\program files\apache group\apache2\conf\httpd.conf in one of the editor
  • Enabling Authenticationto enable authentication we need to add following  entries in the file mod_dav_svn.conf
  • authtype basic means it will ask for username and password while login and it will get the authenticated users from the file AuthuserFile /opt/share/svn/svn-auth-file











AuthType Basic using this whenever we will hit the svn url it will ask for ususername/password: 
<Location /svn>
  DAV svn
  SVNListParentPath on
  SVNParentPath D:\SVN
  #SVNIndexXSLT "/svnindex.xsl"
  AuthType Basic
  AuthName "Subversion repositories"
  AuthUserFile passwd
  AuthzSVNAccessFile svnaccessfile
  Require valid-user
</Location>




















Enabling Authorization
To enable path based authorization for svn repository we need to uncomment  the line AuthzSVNAccessFile svnaccessfile and
below is the sample of svnaccessfile for path based authorization   for svn repository.


[groups]
admin = john, kate
devteam1 = john, rachel, sally
devteam2 = kate, peter, mark
docs = bob, jane, mike
training = zak
# Default access rule for ALL repositories
# Everyone can read, admins can write, Dan German is excluded.
[/]
* = r
@admin = rw
dangerman =
# Allow developers complete access to their project repos
[proj1:/]
@devteam1 = rw
[proj2:/]
@devteam2 = rw
[bigproj:/]
@devteam1 = rw
@devteam2 = rw
trevor = rw
# Give the doc people write access to all the docs folders
[/trunk/doc]
@docs = rw
# Give trainees write access in the training repository only
[TrainingRepos:/]
@training = rw



Remote access with http (apache)

Remote access over http (https) is the only good solution for a larger user group. This method uses the apache authentication, not the local accounts. This is a typical but small apache configuration:
LoadModule dav_module         modules/mod_dav.so
LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so    # Only for access control

<Location /svn>
  DAV svn
  # any "/svn/foo" URL will map to a repository /home/svn/foo
  SVNParentPath /home/svn
  AuthType Basic
  AuthName "Subversion repository"
  AuthzSVNAccessFile /etc/apache2/svn.acl
  AuthUserFile /etc/apache2/svn-passwd
  Require valid-user
</Location>
Posted by at No comments:

Tuesday, December 20, 2011

Installation/authentication/authorization steps in subversion

Installing Subversion
  • Execute the command sudo apt-get install subversion  libapache2-svn
    (libapache2-svn package contains: mod_dav_svn,mod_dav_auth to apache 2.2 webserver for dav access over http and https using webdav)



  •     Creation of repository

    • After the subversion installation is completed we need to create repository
    • svnadmin create /home/svn
    • Once the repository creation is completed copy the file mod_dav_svn and mod_dav_auth from the location : c:\svn\bin\mod_dav_svn & c:\svn\bin\mod_dav_auth to c:\program files\apache software foundatino\apache2.2\module
    Enabling http access
    • open the file c:\program files\apache group\apache2\conf\httpd.conf in one of the editor
    • Enabling Authenticationto enable authentication we need to add following  entries in the file mod_dav_svn.conf
    • authtype basic means it will ask for username and password while login and it will get the authenticated users from the file AuthuserFile /opt/share/svn/svn-auth-file
    










AuthType Basic using this whenever we will hit the svn url it will ask for ususername/password: 
    <Location /svn>
  DAV svn
  SVNListParentPath on
  SVNParentPath D:\SVN
  #SVNIndexXSLT "/svnindex.xsl"
  AuthType Basic
  AuthName "Subversion repositories"
  AuthUserFile passwd
  AuthzSVNAccessFile svnaccessfile
  Require valid-user
</Location>



















    Enabling Authorization
    To enable path based authorization for svn repository we need to uncomment  the line AuthzSVNAccessFile svnaccessfile and
    below is the sample of svnaccessfile for path based authorization   for svn repository.


    [groups]
    admin = john, kate
    devteam1 = john, rachel, sally
    devteam2 = kate, peter, mark
    docs = bob, jane, mike
    training = zak
    # Default access rule for ALL repositories
    # Everyone can read, admins can write, Dan German is excluded.
    [/]
    * = r
    @admin = rw
    dangerman =
    # Allow developers complete access to their project repos
    [proj1:/]
    @devteam1 = rw
    [proj2:/]
    @devteam2 = rw
    [bigproj:/]
    @devteam1 = rw
    @devteam2 = rw
    trevor = rw
    # Give the doc people write access to all the docs folders
    [/trunk/doc]
    @docs = rw
    # Give trainees write access in the training repository only
    [TrainingRepos:/]
    @training = rw
    Posted by at No comments:
    Subscribe to: Comments (Atom)