Hi guys,
I noticed that right now the SVN repositories on svn.zope.org can
only be accessed using the "svn" and "svn+ssh" protocols. It occurred
to me that by enabling "http" and "https" and going away from "svn"
and "svn+ssh" a big win can be had in terms of administration.
- no need for machine accounts for developers
- no need for clunky SSH key management
- hook directly into existing authentication databases (LDAP of
course ;)
In a different situation (a Apache-based webmail setup where all
underlying mail components hook into LDAP for account and
configuration data) I have used mod_authz_ldap successfully to re-use
existing mail system authentication data for protecting access to the
webmail site.
Since we already have LDAP as the basis for www.zope.org login
information it should not be hard to add an attribute to
contributors' records that can be used to determine access to e.g.
"https://svn.zope.org/svn" as a front door to the main repo or even
specific sub-projects.
I'm hoping to flesh that out more when I complete migrating my own
repositories to SVN in the next couple weeks.
jens
_______________________________________________
Zope-Coders mailing list
Zope-Coders@zope.org
http://mail.zope.org/mailman/listinfo/zope-coders
I noticed that right now the SVN repositories on svn.zope.org can
only be accessed using the "svn" and "svn+ssh" protocols. It occurred
to me that by enabling "http" and "https" and going away from "svn"
and "svn+ssh" a big win can be had in terms of administration.
- no need for machine accounts for developers
- no need for clunky SSH key management
- hook directly into existing authentication databases (LDAP of
course ;)
In a different situation (a Apache-based webmail setup where all
underlying mail components hook into LDAP for account and
configuration data) I have used mod_authz_ldap successfully to re-use
existing mail system authentication data for protecting access to the
webmail site.
Since we already have LDAP as the basis for www.zope.org login
information it should not be hard to add an attribute to
contributors' records that can be used to determine access to e.g.
"https://svn.zope.org/svn" as a front door to the main repo or even
specific sub-projects.
I'm hoping to flesh that out more when I complete migrating my own
repositories to SVN in the next couple weeks.
jens
_______________________________________________
Zope-Coders mailing list
Zope-Coders@zope.org
http://mail.zope.org/mailman/listinfo/zope-coders