Debian, Subversion, WebDAV, Active Directory

Today i had to implement WebDAV, subversion with Active Directory authentication. I started with the default debian/lenny installation of apache omitting Debian’s libapache2-svn package because i wanted to install the newest subversion release and use it’s modules instead.

Compiling subversion sources against Debian libs is pretty straightforward, I grabbed the newest source tarball from subversion’s web site, unpacked it, and compiled the same (x.x.x represents the version, in this case the version is 1.6.9).

# tar xzf subversion-x.x.x.tar.gz
# cd subversion-x-x-x
# ./configure --prefix=/usr/local/subversion \
> --with-apxs=/usr/bin/apxs2 --with-apr=/usr/bin/apr-config \
> --with-apr-util=/usr/bin/apr-config --with-neon=/usr \
> --with-sasl=/usr/lib/sasl2
# make
# make install

Once the compiling/installing process is over, we need to enable required apache2 modules:

# a2enmod dav_svn
# a2enmod authnz_ldap

After the step described above, i needed to edit/create some configuration files for newly enabled modules. First one in line was “dav_svn.conf” configuration file, followed by “authz” file which is mentioned after the configuration directive “AuthzSVNAccessFile“, and represents a standard subversion authorization mechanism file.

The “dav_svn.conf” file:

<Location /svn>
        DAV svn
        SVNParentPath /path/to/parent/path
        SVNListParentPath on
        AuthzSVNAccessFile /path/to/parent/path/conf/authz
 
        AuthBasicProvider ldap
        AuthType Basic
        AuthName "SVN"
        AuthLDAPURL "ldap://IP_OF_THE_DOMAIN_CONTROLLER:389/dc=DOMAINNAME,dc=TLD?sAMAccountName"
        AuthLDAPBindDN "cn=ADMINUSER,cn=Users,dc=DOMAINNAME,dc=TLD"
        AuthLDAPBindPassword supersecretpassword
 
        require valid-user
</Location>

Apache might complain after enabling “mod_authnz” module, so i made it to load after “dav_svn” module. In order to accomplish this, i simply added the “LoadModule” directive into the configuration file named “dav_svn.load“.

LoadModule dav_svn_module /usr/lib/apache2/modules/mod_dav_svn.so
LoadModule authz_svn_module /usr/lib/apache2/modules/mod_authz_svn.so

And that is it, restarted the apache daemon and accessed our WebDAV repo !

http://servername/svn

Tags: , , , , ,

This entry was posted on Sunday, February 21st, 2010 at 06:36and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Spam Protection by WP-SpamFree