How to configure group based LDAP access to Mercurial

Asked Jun 21 '22 at 07:23

Active Jun 21 '22 at 07:23

Viewed 38 times

I currently have LDAP authentication configured for Mercurial using the following Apache configuration:

<Location /hg>
      AuthBasicProvider ldap
      AuthType basic
      AuthName "Mercurial Repository"

      AuthBasicAuthoritative on

      AuthLDAPBindDN "uid=username,ou=ou_name,dc=dc_name,dc=dc_name,dc=dc_name"
      AuthLDAPBindPassword password

      AuthLDAPURL "ldaps://ldap_server:636/dc=dc_name,dc=dc_name,dc=dc_name"

      Require valid-user

      Allow from 127.0.0.1 *.*.*.*/**  *.*.*.*/**
</Location>

This allows all of our LDAP users to access the repositories but ideally we would like to limit it to an LDAP group. I thought it would just be a case of replacing "Require valid-user" with "Require ldap-group cn=group_name,ou=group,dc=dc_name,dc=dc_name,dc=dc_name" but this results in "authorization failure for" errors after restarting apache.

Is there anything else that needs to be done?

asked Jun 21 '22 at 07:23

Alan Spark

How to configure group based LDAP access to Mercurial

0 Answers0