在没有LDAP身份验证的情况下使用Gitosis对Gitweb进行身份验证? [英] Authenticating Gitweb with Gitosis without LDAP Auth?

问题描述

我使用带有gitweb，gitosis的Apache Auth找到了您的文章.

I found your article using Apache Auth with gitweb, gitosis.

我想知道是否没有使用LDAP进行身份验证的方法.当前，我们有一个非常大的NIS域，可用于所有UNIX服务器上的身份验证. 我们通过UI将其用于SVN存储库，但在这种情况下，我试图满足以下要求:

I was wondering if there was a way to do this if I wasn't using LDAP for authentication. We currently have a very large NIS domain which we use for authentication on all unix servers. We use this for SVN repositories through a UI, but for this case I am trying to meet a requirement of:

• Git存储库
• 访问控制-使用Gitolite
• 在线用户界面-使用Gitweb
• UI还必须具有访问控制-尚未实现

我首先想到的是我需要让Gitweb和Gitolite一起玩，并且每个人现在都可以单独工作.

I was thinking first I need to get Gitweb and Gitolite to play together and each one works at the moment individually.

如果gitolite使用SSH密钥提供访问权限，那么它可以通过为用户/开发人员从中访问Gitweb/gitolite的每台计算机都有一个密钥来提供这种访问方式.

If gitolite provides access using SSH-keys, then it can provide the access this way by having a key for each machine a user/developer will be accessing Gitweb/gitolite from.

或者如果我可以让gitweb来简单地从NIS域对用户进行身份验证，因为每个用户都有一个由我们的IT部门设置的帐户，那会更好.

Or if I can get gitweb to simply authenticate users from NIS domain since every user has an account that our IT department sets up this would be better.

我可以使用任何想法或方法来进一步满足这一要求吗?

Any ideas or howtos I can use to get further on this requirement?

推荐答案

将gitweb和gitosis链接在一起的方式是:

The way you link gitweb and gitosis together is by:

• 具有名称与NIS登录名相同的gitweb配置文件
• 具有 gitweb.conf (来自gitolite )，包括

• having gitweb configuration files with names identical to NIS logins
• having gitweb.conf (from gitolite) including in gitweb_config.perl from this blog post (add at the end of gitweb_config.perl:)

    use lib (".");
    require "gitweb.conf";

• 为您的Apache2 httpd.conf(或extra/httpd-ssl.conf)使用 NIS身份验证 >如果您使用的是https)
• using a NIS authentication for your Apache2 httpd.conf (or extra/httpd-ssl.conf if you are using https)

用户通过身份验证(通过基本身份验证，LDAP或NIS身份验证)后，将设置 $cgi->remote_user ，这就是将要传递的登录名(由gitolite gitweb.conf传递) )到管理Git访问权限(ACL)的gitolite perl脚本.

Once a user is authenticated (be it with basic, LDAP or NIS auth), the $cgi->remote_user will be set and that is that login which will be passed (by the gitolite gitweb.conf) to the gitolite perl script managing Git access rights (ACLs).

Git ACL仍然由ssh密钥管理，并且与登录机制无关，除了登录部分使gitolite能够进行正确的帐户关联.

The Git ACLs are still managed by ssh key and are independent from the login mechanism, except for the login part which enable gitolite to make the right account association.

这篇关于在没有LDAP身份验证的情况下使用Gitosis对Gitweb进行身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！