Hello,

You could also consider Kerberos authentication. Then svn clients then do not have to store a local password and as a bonus you get a single signon. The svn clients uses the kerberos ticket which is created when logging in to the kerberos server.

I did not try this myself (I had some problems getting the whole kerberos+ldap etc etc authentication working at all with all kind of clients), and I don't know if all svn clients are kerberos capable.

I found this URL for a working unix svn client: https://svn.cse.ucdavis.edu/trac/UCDPloneSkin/wiki/UsingKerberosToAccessSvn and this one for a not working tortoise client: http://svn.haxx.se/users/archive-2006-08/1224.shtml

succes, Wessel


Sébastien Barthélemy wrote:

Hello everybody,

I'm wondering if it is possible for a user to have multiple password stored in ldap.

For instance, I store accounts for my users in ldap and  want
them to access
 - unix servers using ssh
 - svn repositories (using apache/webdav)

For unix servers and ssh, no problem, one could bind ldap with pam and this use case is well documented.

Apache (and thus svn) also can be bound to pam. However, many svn client store user password in clear in some text file, which a serious security risk for my unix server. Thus I would prefer to have a separate password for svn.


Is it possible in a standard way ? (How) can I store an additional in my ldap schema ?

Is such use case documented somewhere ?


Thanks a lot for any help,

Sebastien Barthelemy.

PS: I'm a beginner here, all I know about ldap is the book LDAP system
administration, so please excuse me if my question is naive, and don't
hesitate to redirect me to the good documentation.

--
Sébastien Barthélemy

--- You are currently subscribed to [EMAIL PROTECTED] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.


---
You are currently subscribed to [EMAIL PROTECTED] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the 
SUBJECT of the message.

Reply via email to