Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#6701 Integrate allura authorization with Git/SVN(over HTTP)

forge-mar-21
closed
nobody
None
General
4
2014-03-20
2013-09-21
Rui Ferreira
No

Right now allura can set permissions for access to code repositories, but they are only applied when cloning repositories over ssh (because of fuse/accessfs). It would be nice if the same was also possible when Git/SVN are accessed over HTTP.

In our deployment we run Git(git-http-backend) SVN(Apache mod_svn), and we created an access handler for apache to handle Git and SVN requests, authenticating against LDAP, and checking permissions against the /repo_permissions/ web service.

I'm attaching the access handler script, with a Git config example inside. The SVN settings should be similar.

A few missing pieces:
- Unlike accessfs.py there is no caching yet
- Unfortunately I know nothing about Mercurial over HTTP so I never added support for it :S

Hopefully this is useful to someone out there

1 Attachments

Related

Chat: 533327be0594ca2901cf9dc9
Chat: 533327be0594ca2901cf9dcc
Tickets: #5424
Tickets: #7134
Tickets: #7287

Discussion

  • Cory Johns
    Cory Johns
    2014-03-19

    cj/6701

    I refactored the handler and converted it to POST to a (configurable) login URL for auth (e.g., /auth/do_login). The idea being that it use Allura to verify the auth, so that whatever auth method Allura is configured to use gets used automatically by the SCM.

     


Anonymous


Cancel   Add attachments