AuthenticatingHg » History » Version 10
Version 9 (Chris Cannam, 2010-08-04 10:52 AM) → Version 10/25 (Chris Cannam, 2010-08-04 10:55 AM)
h2. Authentication for Mercurial activity
h3. Requirements
# *Clone/pull from repo for public project*: Any user, no authentication required
# *Clone/pull from repo for private project*: Permitted users only
# *Push to repo for public project*: Permitted users only
# *Push to repo for private project*: Permitted users only
# *Create repo for public project: User with manager role on project
What constitutes a permitted user for limited push or pull activity? user?
* A user who is a member of the project?
* A user who is identified in the [web] section of the repository?
* A user who is both a member and identified in the [web] section?
* A user who is either a member or identified in the [web] section?
* A user who is identified in the [web] section, if any, or is a member if there is no such section?
h3. Techniques
* Hg repository creation using "reposman.rb":http://temporary.lividcity.com/projects/soundsoftware-site/repository/entry/extra/svn/reposman.rb
* Apache authentication against Redmine user database using mod_auth_mysql (no support for LDAP-authenticated users?)
* Apache authentication against Redmine users using "the mod_perl module Redmine.pm":http://redmine.rubyforge.org/svn/trunk/extra/svn/Redmine.pm ("local copy":http://temporary.lividcity.com/projects/soundsoftware-site/repository/entry/extra/svn/Redmine.pm) or a variant thereof (Redmine.pm was designed for SVN access via WebDAV)?
* Hg repository [web]-section authorisation using "hgwebdir.cgi":http://mercurial.selenic.com/wiki/PublishingRepositories#Setting_up_the_hgweb.cgi_script
Other links on this subject:
* "Separation between authentication and authorisation activities":http://markmail.org/message/xmav6qg3is3xptve#query:+page:1+mid:xmav6qg3is3xptve+state:results
* "hgrc [web] section":http://www.selenic.com/mercurial/hgrc.5.html#web
* "Using mod_auth_mysql to authenticate against the Redmine database directly":http://maff.ailoo.net/2009/03/authenticate-apache-against-redmine-with-authmysql/
h3. Requirements
# *Clone/pull from repo for public project*: Any user, no authentication required
# *Clone/pull from repo for private project*: Permitted users only
# *Push to repo for public project*: Permitted users only
# *Push to repo for private project*: Permitted users only
# *Create repo for public project: User with manager role on project
What constitutes a permitted user for limited push or pull activity? user?
* A user who is a member of the project?
* A user who is identified in the [web] section of the repository?
* A user who is both a member and identified in the [web] section?
* A user who is either a member or identified in the [web] section?
* A user who is identified in the [web] section, if any, or is a member if there is no such section?
h3. Techniques
* Hg repository creation using "reposman.rb":http://temporary.lividcity.com/projects/soundsoftware-site/repository/entry/extra/svn/reposman.rb
* Apache authentication against Redmine user database using mod_auth_mysql (no support for LDAP-authenticated users?)
* Apache authentication against Redmine users using "the mod_perl module Redmine.pm":http://redmine.rubyforge.org/svn/trunk/extra/svn/Redmine.pm ("local copy":http://temporary.lividcity.com/projects/soundsoftware-site/repository/entry/extra/svn/Redmine.pm) or a variant thereof (Redmine.pm was designed for SVN access via WebDAV)?
* Hg repository [web]-section authorisation using "hgwebdir.cgi":http://mercurial.selenic.com/wiki/PublishingRepositories#Setting_up_the_hgweb.cgi_script
Other links on this subject:
* "Separation between authentication and authorisation activities":http://markmail.org/message/xmav6qg3is3xptve#query:+page:1+mid:xmav6qg3is3xptve+state:results
* "hgrc [web] section":http://www.selenic.com/mercurial/hgrc.5.html#web
* "Using mod_auth_mysql to authenticate against the Redmine database directly":http://maff.ailoo.net/2009/03/authenticate-apache-against-redmine-with-authmysql/