csvn采用header的认证
viewvc通过header(REMOTE_USER名)认证,只需程序中修改,具体说明如下:
1 需要在csvn_modules_httpd.conf(文件csvn/data/conf目录下)中添加mod_authn_anon.so和mod_auth_trustheader.so模块。
即引入:
LoadModule authn_anon_module lib/modules/mod_authn_anon.so //检测该文件是否存在,一般默认存在
LoadModule auth_trustheader_module lib/modules/mod_auth_trustheader.so //需要额外添加
*****对应于程序中,grails-app\services\com\collabnet\svnedge\admin\ServerConfService.groovy
添加:
private def writeModulesConf(server) {
def conf = """${DONT_EDIT}
.....
....
//为了支持viewvc单点,需要添加模块
conf += "LoadModule authn_anon_module lib/modules/mod_authn_anon.so\n"
conf += "LoadModule auth_trustheader_module lib/modules/mod_auth_trustheader.so\n"
注:mod_auth_trustheader.so(由.c文件生成) 参考 https://sourceforge.net/projects/trustheader/
2 需要在svn_viewvc_httpd.conf(文件csvn/data/conf目录下)下对应于viewvc部分修改为:
<Location /viewvc>
AuthType TrustHeader
AuthTrustHeaderProvider anon
AuthTrustHeader %{HTTP:REMOTE_USER}
Anonymous '*'
Anonymous_MustGiveEmail off
Anonymous_NoUserId off
Anonymous_VerifyEmail off
Anonymous_LogEmail off
AddDefaultCharset UTF-8
SetEnv CSVN_HOME "/opt/tc/csvn"
Require valid-user
</Location>
程序修改为:
private def writeSvnViewvcConf(server) {
boolean ctfMode = server.managedByCtf() ||
.......
.......
if (ConfigUtil.isEnableCas()) {
......
......
} else {
//viewvc采用header方式
conf += """
<Location /viewvc>
AuthType TrustHeader
AuthTrustHeaderProvider anon
AuthTrustHeader %{HTTP:REMOTE_USER}
Anonymous '*'
Anonymous_MustGiveEmail off
Anonymous_NoUserId off
Anonymous_VerifyEmail off
Anonymous_LogEmail off
AddDefaultCharset UTF-8
SetEnv CSVN_HOME "${ConfigUtil.appHome()}"
Require valid-user
"""
/*
conf += """
<Location /viewvc>
AddDefaultCharset UTF-8
SetEnv CSVN_HOME "${ConfigUtil.appHome()}"
"""
*/
}
svn checkout https://XXXX/svn/admin/trunk admin --username admin
的展示
2 手动建立/tmp/cache ,且对他们分别赋予权限
3 在对viewvc修改过程中,涉及到的修改有
/xxx/csvn/data/conf中的security.properties文件
最下面添加:
grails.plugin.springsecurity.cas.active = false
grails.plugin.springsecurity.cas.loginUri = /login
grails.plugin.springsecurity.cas.serviceUrl = http://xx/csvn/j_spring_cas_security_check
grails.plugin.springsecurity.cas.serverUrlPrefix = http://xx/cas
grails.plugin.springsecurity.cas.artifactParameter = ticket
grails.plugin.springsecurity.cas.serviceParameter = service
grails.plugin.springsecurity.cas.cas.sendRenew = false
grails.plugin.springsecurity.cas.filterProcessesUrl = /j_spring_cas_security_check
grails.plugin.springsecurity.logout.afterLogoutUrl = http://xx/cas/logout?url=http://xx
grails.plugin.springsecurity.cas.useSingleSignout = true
svnedge.cas.isEnable=true
svnedge.cas.loginUrl=http://xx/cas/login
svnedge.cas.validateUrl=http://xx/cas/serviceValidate
svnedge.cas.rootProxiedAs=http://xx
svnedge.cas.cookiePath=/tmp/cache/
/xxx/csvn/dist中viewvc.conf.dist中
#---------------------------------------------------------------------------
[general]
..........
..............
csvn_servermode = __CSVN_SERVERMODE__
csvn_app_server_root_url = __CSVN_APP_SERVER_ROOT_URL__
##csvn_svn_base_url=http://xx/svn/ -------------------------------------------------注释掉了
csvn_twitter_bootstrap_version = __CSVN_TWITTER_BOOTSTRAP_VERSION__
csvn_jquery_js_filename = __CSVN_JQUERY_JS_FILENAME__
csvn_svnedge_css_filename = __CSVN_SVNEDGE_CSS_FILENAME__
csvn_application_js_filename = __CSVN_APPLICATION_JS_FILENAME__
#---------------------------------------------------------------------------
[utilities]
。。。。。。。。。。。。。。
。。。。。。。。。。。
#viewvc_base_url =
##viewvc_base_url = http://xxx/viewvc/ ------------------------------------------------注释掉了
##---------------------------------------------------------------------------