Can I authenticate SVN users against an SQL Server database table?
Question
I'm trying to setup a simple Document Management System for a Web-Application.
The Web-Application is written in PHP and uses a MSSQL DB.
In the MSSQL DB I have a Table "Persons" which identifies the Persons, a Table "Logins" which contains the Logins to the rows in the Table Persons, another Table called "SchoolClass" contains the SchoolClasses of the School.
With another table "PersonsToSchoolClasses" I'm able to determine which Person is in which class.
When we now look at this we can recognize, that the Table "Classes" contains the Groups, and "Persons" the User which we need in SVN.
This Classes and their associations can often change.
Now I experiment with svn. I recognized that it's exactly what I need.
I tried to set it up with the following Question posted on stackoverflow.com: How to set permissions in an svn repository?
Here it is described that I have to configure every group and every user by hand.
And now finally my Question:
Is it possible to configure the Groups and Users out of the Database Tables? Maybe with a SQL? I don't want to have some files where all users and groups are stored. Also the Passwords are already contained in the Database. I just need a way, that SVN takes these Tables and uses it.
1 answers
solution1
1 ACCPTED 2012-12-13 07:53:02
Is it possible to configure the Groups and Users out of the Databse Tables
It depends.
If you are using Subversion with Apache via mod_dav_svn , then it's not actually Subversion that handles the authentication, it's Apache. This means that you can use any method that Apache supports to perform authentication. The question you linked to is exclusively about using the svnserve program, not Apache.
It looks like you can use Apache's mod_authn_dbd to set up the authentication, and mod_dbd to set up the database access.
From the documentation, mod_dbd can connect to MS SQL Server using the FreeTDS library. However, there's a big fat security warning attached to this feature. In short, FreeTDS doesn't support prepared statements with parameterized queries. This means that it could be possible for users to perform SQL injection attacks unless you're very careful.
There's another drawback with this. Unless you happen to have been lucky enough to already have these modules available to you, you're going to need to get them compiled. It's not clear if you're on Linux or Windows, but it's going to be a real bear regardless.
There's also an ODBC driver, but it's described in the docs as being from a third party, meaning you'd almost surely have to compile it.
To be honest, I'd recommend against this approach unless you have the modules already at your fingertips. There is no shame in just writing out an .htpasswd file. Just remember to use Digest authentication .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.