Hi guys,

I noticed that right now the SVN repositories on svn.zope.org can only be accessed using the "svn" and "svn+ssh" protocols. It occurred to me that by enabling "http" and "https" and going away from "svn" and "svn+ssh" a big win can be had in terms of administration.

- no need for machine accounts for developers
- no need for clunky SSH key management
- hook directly into existing authentication databases (LDAP of course ;)

In a different situation (a Apache-based webmail setup where all underlying mail components hook into LDAP for account and configuration data) I have used mod_authz_ldap successfully to re-use existing mail system authentication data for protecting access to the webmail site.

Since we already have LDAP as the basis for www.zope.org login information it should not be hard to add an attribute to contributors' records that can be used to determine access to e.g. "https://svn.zope.org/svn"; as a front door to the main repo or even specific sub-projects.

I'm hoping to flesh that out more when I complete migrating my own repositories to SVN in the next couple weeks.


Zope-Coders mailing list

Reply via email to