Return-Path: <users-return-24694-archive-asf-public=cust-asf.ponee.io@subversion.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id A68ED200AC0
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Tue, 24 May 2016 10:03:29 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id A5334160A27; Tue, 24 May 2016 08:03:29 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id ED7F8160A11
	for <archive-asf-public@cust-asf.ponee.io>; Tue, 24 May 2016 10:03:28 +0200 (CEST)
Received: (qmail 58297 invoked by uid 500); 24 May 2016 08:03:28 -0000
Mailing-List: contact users-help@subversion.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@subversion.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@subversion.apache.org>
List-Post: <mailto:users@subversion.apache.org>
List-Id: <users.subversion.apache.org>
Delivered-To: mailing list users@subversion.apache.org
Delivered-To: moderator for users@subversion.apache.org
Received: (qmail 35061 invoked by uid 99); 24 May 2016 07:52:01 -0000
X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.978
X-Spam-Level: *
X-Spam-Status: No, score=1.978 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
	autolearn=disabled
Authentication-Results: spamd4-us-west.apache.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=diononline.onmicrosoft.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=DionOnline.onmicrosoft.com; s=selector1-dionglobal-com;
 h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=Qb6iE9KcfBKZyjghE/EiB18xMm3ILeKObGeV+fHUiRM=;
 b=DiTyZ3zEJdxJpYvpnRiK26QKfeX+SSK4bzd36tsx/ELazc9GRO3ilwruUM03E1GVTcUvqV9kkqx55JNNv+cROk2nkHxA9jWBFqC3ha7DWhcGVXoXKIiEqaZ5H/Ez48xPVku+lteM7w1em+tVxbztZYhAeVYPCJu024lrr898abY=
From: Dariusz Nowak <Dariusz.Nowak@dionglobal.com>
To: "users@subversion.apache.org" <users@subversion.apache.org>
Subject: LDAP Usage Question
Thread-Topic: LDAP Usage Question
Thread-Index: AQHRtZBqBWpss0+/6EewLQsdkL18Jg==
Date: Tue, 24 May 2016 07:51:46 +0000
Message-ID: <KL1PR04MB0981B81296CEF14D3C495515824F0@KL1PR04MB0981.apcprd04.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: subversion.apache.org; dkim=none (message not signed)
 header.d=none;subversion.apache.org; dmarc=none action=none
 header.from=dionglobal.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [25.165.15.4]
x-ms-office365-filtering-correlation-id: 18a5ab9e-cd25-4e44-f977-08d383a84229
x-microsoft-exchange-diagnostics: 1;KL1PR04MB0981;5:CAuBGS0uK6qt8LkZ68ExVcyDNPpaSUUPTLW5O6Ho3aV72VDtY2vy0WfcEWRnRCB5PzGwQqv2N2GRr05SUZmowtf3ASYtUG0r+ileBVjYuKlmW03tlkmuOryU+9PNyZrJ8Q8GOZDFIb2dmgQfo0tAlg==;24:d3SDkokGsIO4U7IjpdqoE98uPH0/DmxDKI2g0eo1F7yRtaxiFnMSwzXrE3YDZGzgATGPml93nH4G9lDfROl9TT/ihjivwoPsLWDzQ5QckQw=;7:PBncAXSrmzmt+zKmKxjx1sP01eqR6eKwhmjZOZ2UUFPoF0cskiz2JK3SVg7l4ry/af+asRRMCCbAOAI/JPTP6XzqwZUPy3oKb4TuJBwq1yDEJ6JtQ6DNj3ClGTV6rTTJ7L+4kqj7iWSnH0yTBNtCp4sVGQHKX2M38cP7GA/qW1/6yErbCK+L5tSupQMaUZy4
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:KL1PR04MB0981;
x-microsoft-antispam-prvs: <KL1PR04MB0981AA8AD59F7BA5D10ABBC1824F0@KL1PR04MB0981.apcprd04.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001);SRVR:KL1PR04MB0981;BCL:0;PCL:0;RULEID:;SRVR:KL1PR04MB0981;
x-forefront-prvs: 09525C61DB
x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(6009001)(87936001)(76576001)(450100001)(1220700001)(50986999)(2906002)(54356999)(3480700004)(5008740100001)(9686002)(189998001)(86362001)(102836003)(6116002)(2900100001)(586003)(3846002)(19625215002)(66066001)(92566002)(10400500002)(16236675004)(74316001)(5004730100002)(33656002)(5002640100001)(110136002)(2351001)(229853001)(11100500001)(77096005)(3280700002)(107886002)(5003600100002)(8676002)(106116001)(81166006)(8936002)(551544002)(1730700003)(19627405001)(2501003)(3660700001)(122556002);DIR:OUT;SFP:1101;SCL:1;SRVR:KL1PR04MB0981;H:KL1PR04MB0981.apcprd04.prod.outlook.com;FPR:;SPF:None;MLV:sfv;LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
	boundary="_000_KL1PR04MB0981B81296CEF14D3C495515824F0KL1PR04MB0981apcp_"
MIME-Version: 1.0
X-OriginatorOrg: dionglobal.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2016 07:51:46.8569
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 30152047-55b5-425a-ab2c-0fb8e5cd7992
X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1PR04MB0981
archived-at: Tue, 24 May 2016 08:03:29 -0000

--_000_KL1PR04MB0981B81296CEF14D3C495515824F0KL1PR04MB0981apcp_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hello,


I'm new in subversion world and tried to research something yesterday - wit=
hout success, so decided to post here. My question is related to authentica=
tion using LDAP.


My scenario is that I will require 2 auth methods (passwd + ldap) all of se=
rvices (like Jenkins) will use passwd + authz and all of "humans" will use =
their AD accounts.  I found really useful option in config aliasses however=
 got small problem applying to LDAP. And my question is:


Can I create aliasses for LDAP groups ? I want in my LDAP AUTH file to have=
 something like:

[aliases]

mygroup =3D CN=3DPATH,DN=3DTO,DN=3DLDAP,DN=3DGROUP


[/]

@mygroup =3D r


So I'm allowing for example every User object in my ldap tree to access, bu=
t later limiting it like that ... this is how our current setup works (a lo=
t of hardcoded user/groups in auth/passwd files and [/path/to/repo] =3D gro=
up1 =3D r, group2 =3D rw etc.

Trying to mimic that with LDAP


Regards

D

--_000_KL1PR04MB0981B81296CEF14D3C495515824F0KL1PR04MB0981apcp_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=
1">
<style type=3D"text/css" style=3D"display:none;"><!-- P {margin-top:0;margi=
n-bottom:0;} --></style>
</head>
<body dir=3D"ltr">
<div id=3D"divtagdefaultwrapper" style=3D"font-size:12pt;color:#000000;back=
ground-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>Hello,</p>
<p><br>
</p>
<p>I'm new in subversion world and tried to research something yesterday - =
without success, so decided to post here. My question is related to authent=
ication using LDAP.</p>
<p><br>
</p>
<p>My scenario is that I will require 2 auth methods (passwd &#43; ldap) al=
l of services (like Jenkins) will use passwd &#43; authz and all of &quot;h=
umans&quot; will use their AD accounts.&nbsp; I found really useful option =
in config aliasses however got small problem applying to
 LDAP. And my question is:</p>
<p><br>
</p>
<p>Can I create aliasses for LDAP groups ? I want in my LDAP AUTH file to h=
ave something like:</p>
<p>[aliases]</p>
<p>mygroup =3D CN=3DPATH,DN=3DTO,DN=3DLDAP,DN=3DGROUP</p>
<p><br>
</p>
<p>[/]</p>
<p>@mygroup =3D r</p>
<p><br>
</p>
<p>So I'm allowing for example every User object in my ldap tree to access,=
 but later limiting it like that ... this is how our current setup works (a=
 lot of hardcoded user/groups in auth/passwd files and [/path/to/repo] =3D =
group1 =3D r, group2 =3D rw etc.
<br>
</p>
<p><br>
Trying to mimic that with LDAP <br>
</p>
<p><br>
</p>
<p>Regards</p>
<p>D<br>
</p>
</div>
</body>
</html>

--_000_KL1PR04MB0981B81296CEF14D3C495515824F0KL1PR04MB0981apcp_--