使用 MySQL 的 SVN 身份验证

2021-11-11 00:00:00 svn mysql apache2 mod-auth

我正在尝试通过 MySQL 设置每个存储库的 SVN 身份验证,但我遇到了一些问题.

I'm trying to setup per repository SVN authentication via MySQL but I'm having a few problems.

首先mod_authn_dbd和mod_auth_mysql有什么区别?

其次,我已经有一个 MySQL 数据库设置,其中包含一个用于用户、组和权限的表.是否可以使用这些 mod 中的任何一个链接到我当前的权限系统,其中需要用户名、密码和权限才能访问存储库(每个存储库最好具有读取权限和写入权限)

Secondly I already have a MySQL database setup with a table for users, groups and permissions. Is it possible using either of these mods to link into my current permission system where by a username, password and permission is required to access the repository (Preferable with a read permission and write permission per repository)

tbl_users:user_id、user_name、user_hash

tbl_users: user_id, user_name, user_hash

tbl_group: group_id, group_name

tbl_group: group_id, group_name

tbl_permission:permission_id、permission_name

tbl_permission: permission_id, permission_name

tbl_user_group: user_id, group_id

tbl_user_group: user_id, group_id

tbl_group_permission:group_id、permission_id

tbl_group_permission: group_id, permission_id

tbl_user_permission:user_id、permission_id

tbl_user_permission: user_id, permission_id

推荐答案

首先是区别.

mod_authn_dbd 提供身份验证前端,例如 mod_auth_digest 和 mod_auth_basic通过在 SQL 表中查找用户来验证用户.

mod_authn_dbd provides authentication front-ends such as mod_auth_digest and mod_auth_basic to authenticate users by looking up users in SQL tables.

mod_auth_mysql 是一个 Apache 模块,允许使用存储在 MySQL 数据库中的用户和组数据进行身份验证.该项目似乎自 2005 年以来就没有更新过,所以我会选择 mod_authn_dbd.

mod_auth_mysql is an Apache module that allows authentication using user and group data stored in MySQL databases. The project seems to not have updated since 2005, so I'd go for mod_authn_dbd.

要正确设置,首先需要在 apache 配置中正确配置 mod_authn_dbd 和 mod_dbd,mod_dbd 负责数据库连接.完成此操作后(确保您的 Apache 在这些模块处于活动状态的情况下运行),然后您可以继续配置它们.

To set this up properly, first you need to configure mod_authn_dbd and mod_dbd up properly in your apache configuration, mod_dbd takes care of your database connection. Once you've done this (make sure your Apache is running with those modules active), then you can go ahead configuring them.

在您的 apache 配置中添加类似的内容以配置数据库连接:

Add something like this to your apache configuration to configure the database connection:

<IfModule mod_dbd.c>
  DBDriver mysql
  DBDParams "host=(your_db_server, p.e. 127.0.0.1) dbname=your_db_name user=your_db_user pass=your_db_pass"
  DBDMin 1
  DBDKeep 8
  DBDMax 20
  DBDExptime 200
</IfModule> 

现在将您想要的身份验证配置添加到 apache 配置中:

Now add your desired authentication configuration into the apache configuration:

<Directory "/your/svn/repository/path/">
  Options FollowSymLinks Indexes MultiViews
  AuthType Basic
  AuthName "Allowed users Only"
  AuthBasicProvider dbd
  AuthDBDUserPWQuery "SELECT pwd FROM tbl_users, tbl_user_group WHERE tbl_users.user_id=%s AND tbl_user.user_id=tbl_user_group.user_id"
  Require valid-user
  AllowOverride None
  Order allow,deny
  Allow from all
</Directory>

为了更好的可读性,我已经简化了 SELECT 语句,您必须扩展它以完善您的配置.

I've simplified the SELECT-statement for better readability, you have to expand this to get your configuration refined.

打字后我在网上找到了一个很好的例子,也许可以阅读它此处,也是.它比我的简化答案更深入.

After typing I've found a very good example in the web, maybe read it here, too. It goes alot deeper than my simplified answer.

相关文章