How avoid to write the password in the configuration file of SVN?
7,350
Solution 1
One option is to put the AuthLDAPBindPassword
line in an appropriately chmodded file on its own, and use an Include
in the apcahe config to pull that file in. i.e.:
<Location /svn>
...
AuthLDAPBindDN [email protected]
Include my_ldap_password.conf
...
</Location>
This keeps the password secure, while leaving the rest of the config world readable.
Solution 2
some ldap servers allow anonymous binding. then [ afaik ] you dont need to provide bind password.
Related videos on Youtube
Author by
taintedlove
Updated on September 17, 2022Comments
-
taintedlove almost 2 years
I am configuring the server SVN Collabnet (v1.5.6.1 for Solaris 10). I succeeded to use the ldap server for SVN authentication. How avoid to write a non encrypted password (XXXXX, here) in the following configuration file (collabnet_subversion_httpd.conf)?
ServerName mccuatsv10:8080 Listen 8080 User csvn Group csvn <Location /svn> DAV svn SetHandler svn SVNParentPath /appli/svn/repositories/ AuthName "Subversion repository" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative On AuthLDAPBindDN [email protected] AuthLDAPBindPassword XXXXX AuthLDAPURL ldap://eur.msd.world.ibm:389/OU=Users,OU=Accounts,OU=FR,DC=eur,DC=msd,DC=world,DC=socgen?sAM AccountName?sub?(objectCategory=person) Require valid-user </Location>
-
taintedlove about 15 yearsbeside 15, cannot vote up but thanks a lot Here, our ldap server does not allow anonymous binding
-
geoffc about 15 yearsI strongly feel like there is a password file you can specify for LDAP auth, or am I remembering (incorrectly) the samba.conf for LDAP config? Memory is failing, need more RAM!
-
Admin over 13 years> One option is to put the AuthLDAPBindPassword line in an appropriately chmodded file on its own, and use an Include in the apcahe config to pull that file in I tried this and it didn't work. The Apache manual says that the Include directive is only allowed within the main body, Virtual Host, or Directory directives; the example above uses a Location directive (e.g. a proxy) and the Include always generates an error when Apache reads the included file.
-
MaPePeR over 3 yearsWhen testing this on Apache/2.4.46 it worked fine in the beginning, but was accumulating defunct
cat
processes in the background until it suddenly stopped working. A restart of apache fixed it temporarily. That's probably related to an apache issue reported in 2017: bz.apache.org/bugzilla/show_bug.cgi?id=61817