SVN LDAP Authentication on Apache
Thanks to this link I’ve successfully implemented the LDAP Authentication against a Microsoft Active Directory LDAP for Subversion Access via Apache2.
Thanks to the power and flexibility of Apache the configuration is really straightforward.
Install and configure Apache to serve the URL of the repository you want, for example https://svn.mydomain.com/ (SSL is preferable to clear text http).
Enable the DAV modules and the authnz_ldap extension.
Create an account in your AD to get access to the Directory (in this example ldap.svn). Create a Group in your AD (in this example SVNAllowed) where place the SVN-enabled users.
Add to the configuration of the Virtual Host this block:
AuthName "My SVN Repository"
AuthLDAPURL "ldap://dc.mycompany.com:389/DC=mycompany,DC=com?sAMAccountName?sub?(objectClass=*)" NONE
# Check if the user is in this LDAP Group:
require ldap-group CN=SVNAllowed,CN=Users,DC=mycompany,DC=com
And you are done!
Now every access to https://svn.mycompany.com/ will be authenticated against the AD backend. Access to https://svn.mycompany.com/svn/YourProject will be accessible only by the users in the group SVNAllowed.
You can also define fine-grained access to some repository (not included in this example).
Beware that Apache’ mod_ldap will cache the user credentials for a default value of 600 seconds. See the manual page of the module for more options.