allura-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cory Johns <cjo...@slashdotmedia.com>
Subject Re: SCM Auth & Allura Auth
Date Tue, 14 May 2013 17:30:52 GMT
I believe you are asking about how to integrate authentication in Allura
with authentication for SCM access; if I have misunderstood your question,
I apologize.

In order to create, refresh, or remove repositories, the Allura taskd
worker needs to have file system write permissions to the SCM folders, but
for most normal operation it really only needs read access.  Beyond that,
it doesn't put any restrictions on authentication for SCM access itself.

LDAP would certainly work to manage authentication, but it comes with its
own complications and I don't really have any experience setting up LDAP
for the SCM auth management.

There are a couple of approaches you could take for integrating local
authentication with the SCM.  You could create a
LocalAuthenticationProvider subclass that registered new users with the SCM
authentication system via its API or subprocess calls.  For example, if you
are using local system account authentication (e.g., git over ssh), the
provider would need to call useradd via subprocess.

Alternatively, you could use a single system user, possibly combined with
something like HTTP Basic Auth, to access the SCM, and then use a FUSE
filesystem to enforce access.  There is an implementation in the Allura
project under fuse/accessfs.py and documentation for using it under
Allura/docs/scm_host.rst.  This approach is more or less what we use at
SourceForge.


On Mon, May 13, 2013 at 10:56 PM, 王再國 <wangaguo@gmail.com> wrote:

> hi:
> Allura auth.method = ldap or Local
>
> if use the ldap. SCM can setting auth use ldap.
> if use Local. SCM how to auth use Allura account?
>
> sourceforge how to auth? old sourceforge & allura & scm & other app.
>
> wangaguo
>

Mime
View raw message