allura-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 王再國 <wanga...@gmail.com>
Subject Re: SCM Auth & Allura Auth
Date Thu, 16 May 2013 08:55:04 GMT
hi:
yes, I asking about "how to integrate authentication in Allura with
authentication for SCM access.".
I am sorry for my english is not so good.

We want use allura build a production forge site. Not a private forge.
I have implemented subverion server. Include http; svn; ssh protocol.
Use schroot; FUSE; LDAP.  But LDAP no sync with Allura.
And I want use LocalAuthenticationProvider not LDAP.

FUSE fuse/accessfs.py, only check permission from /auth/repo_permissions
API.
But, ssh; https; svn; git; protocol need login authentication.
If use API or subprocess calls to register a new user on SCM. How to set
the password?
Allura user password encode same with the linux password encode?

wangaguo


2013/5/15 Cory Johns <cjohns@slashdotmedia.com>

> I believe you are asking about how to integrate authentication in Allura
> with authentication for SCM access; if I have misunderstood your question,
> I apologize.
>
> In order to create, refresh, or remove repositories, the Allura taskd
> worker needs to have file system write permissions to the SCM folders, but
> for most normal operation it really only needs read access.  Beyond that,
> it doesn't put any restrictions on authentication for SCM access itself.
>
> LDAP would certainly work to manage authentication, but it comes with its
> own complications and I don't really have any experience setting up LDAP
> for the SCM auth management.
>
> There are a couple of approaches you could take for integrating local
> authentication with the SCM.  You could create a
> LocalAuthenticationProvider subclass that registered new users with the SCM
> authentication system via its API or subprocess calls.  For example, if you
> are using local system account authentication (e.g., git over ssh), the
> provider would need to call useradd via subprocess.
>
> Alternatively, you could use a single system user, possibly combined with
> something like HTTP Basic Auth, to access the SCM, and then use a FUSE
> filesystem to enforce access.  There is an implementation in the Allura
> project under fuse/accessfs.py and documentation for using it under
> Allura/docs/scm_host.rst.  This approach is more or less what we use at
> SourceForge.
>
>
> On Mon, May 13, 2013 at 10:56 PM, 王再國 <wangaguo@gmail.com> wrote:
>
>> hi:
>> Allura auth.method = ldap or Local
>>
>> if use the ldap. SCM can setting auth use ldap.
>> if use Local. SCM how to auth use Allura account?
>>
>> sourceforge how to auth? old sourceforge & allura & scm & other app.
>>
>> wangaguo
>>
>
>

Mime
View raw message