Skip to main content
Enterprise Agile Planning icon with arrows

This post is from the CollabNet VersionOne blog and has not been updated since the original publish date.

Last Updated Mar 28, 2007 — Enterprise Agile Planning expert

Subversion LDAP Authentication with Apache

Enterprise Agile Planning

This blog entry is now obsolete.  A newer, more in-depth version is  
available here:
Subversion with  
Apache and LDAP: Updated

More and more companies are using directory services for housing their user credentials and information.  Example directory services are Active Directory, eDirectory and OpenLDAP.  How does this relate to Subversion?  Well, in the enterprise deployments I’ve been involved with, most clients wanted to harness their existing directory services for their Subversion authentication.  This blog post will explain the simplicity of hooking up Apache to your directory service using mod_auth_ldap, giving you the ability to authenticate against your existing user data store.

As of now, the only way to utilize your directory service for authentication is by using Apache as your network layer.  This allows you to use any of the available authentication options to Apache for your Subversion authentication and with mod_auth_ldap, Apache can authenticate against your directory service for Subversion.

Before we get started modifying our Apache configuration file, lets look at the simplest Location directive possible for exposing a Subversion repository via Apache:

<Location /repos>
  # Enable Subversion
  DAV svn

  # Directory containing all repository for this path
  SVNParentPath /absolute/path/to/directory/containing/your/repositories

Now lets modify this to add mod_auth_ldap support for the authentication portion of the Location directive above:

<Location /repos>
  # Enable Subversion
  DAV svn

  # Directory containing all repository for this path
  SVNParentPath /absolute/path/to/directory/containing/your/repositories

  # LDAP Authentication & Authorization is final; do not check other databases
  AuthLDAPAuthoritative on

  # Do basic password authentication in the clear
  AuthType Basic

  # The name of the protected area or "realm"
  AuthName "Your Subversion Repository"

  # Active Directory requires an authenticating DN to access records
  # This is the DN used to bind to the directory service
  # This is an Active Directory user account
  AuthLDAPBindDN "CN=someuser,CN=Users,DC=your,DC=domain"

  # This is the password for the AuthLDAPBindDN user in Active Directory
  AuthLDAPBindPassword somepassword

  # The LDAP query URL
  # Format: scheme://host:port/basedn?attribute?scope?filter
  # The URL below will search for all objects recursively below the basedn
  # and validate against the sAMAccountName attribute
  AuthLDAPURL "ldap://your.domain:389/DC=your,DC=domain?sAMAccountName?sub?(objectClass=*)"

  # Require authentication for this Location
  Require valid-user

Use the in-line comments in the code above to better understand the Apache configuration directives for mod_auth_ldap.  With the above example (which you need to modify for your environment) you can have Apache authenticate your Subversion users against your Active Directory directory service.  The above will also work for other directory services but with minor modifications in the AuthLDAPURL.  For more information, you can consult the mod_auth_ldap documentation linked to in the first paragraph.  Although this post is short, I hope it adds value to those who read it.

More from the Blog

View more
adoption boom
Oct 25, 2021

Remote work fueled an agile adoption boom in 2020

Enterprise Agile Planning
The COVID-19 pandemic was a catalyst for major changes — not only in t ...
Read More
practicing agile
Oct 21, 2021

How are organizations practicing agile in the year 2021?

Enterprise Agile Planning
We've talked about the boom in the adoption of agile concepts and prac ...
Read More
non tech
Oct 07, 2021

Agile spreads beyond IT: How IT benefits "non-tech" enterprise departments

Enterprise Agile Planning
As a result of COVID-19 forcing worldwide office closures, by mid-Apri ...
Read More DevOps Value Stream Delivery for SAFe®
Sep 27, 2021 announces first end-to-end, AI-driven solution for the Scaled Agile Framework (SAFe)

Enterprise Agile Planning
The DevOps Value Stream Delivery for SAFe®, one of the only ...
Read More
Contact Us