Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

apache/httpd using OS passwords?

 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34071
331
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is it possible to use the Linux/UNIX operating system password for login? (I suspect the answer is no, but no harm in asking.)

What I'm really trying to accomplish - be able to access subversion at the command line without having to enter a password (so it can be run unattended.)
 
Vijitha Kumara
Bartender
Posts: 3913
9
Chrome Fedora Hibernate
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:What I'm really trying to accomplish - be able to access subversion at the command line without having to enter a password (so it can be run unattended.)


You mean doing "svn checkout" etc.. from command line ? Or exposing the svn through httpd ?
 
Tim Holloway
Saloon Keeper
Pie
Posts: 17989
47
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can. Do.

Apache supports a whole raft of plug-in authentication modules.

One thing to considers, however, is "which" login you want to use. What you're actually implying is that you want to use the userid/password for that particular server machine.

I use LDAP authentication on my machines (courtesy of PAM), so there's a master database for the user logins instead of maintaining logins on a per-machine basis. It makes user administration simpler and scales well. And the users don't end up with a different password on every machine - unless I make an exception. My root accounts are not authenticated against LDAP because I don't want someone who discovers the root password to end up with the keys to the whole farm.

For LDAP authentication, I use the mod_authz module.

However, I just reread that, and subversion puts an extra spin on it. I am, in fact, using LDAP mod_authz as my subversion credentials supplier since I use the Apache server interface for both command line and for Eclipse. However, if you use the Subversion command-line client, it should prompt you once and remember thereafter if I'm not hallucinating too much. The information gets stored in the ~/.subversion directory.

If it turns out I'm mis-remembering, you should still be able to set up prompt-free access using a security certificate.
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34071
331
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes. Doing "svn checkout".

Tim: Thanks for a host of things to try on Monday.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic