基本思路:
1.使用apache的svn扩展模块,这样可以使用http协议访问svn
2.在apache前端做http代理,在代理层做用户的权限校验
安装apache,svn,mysql
yum install httpd mysql-server mod_auth_mysql subversion mod_dav_svn
初始化mysql:
service mysqld start
mysqladmin -u root password 111111
mysql -u root -p
grant all privileges on *.* to 'root' @'%' identified by '111111';
vi /etc/my.conf
[mysqld]
default-character-set=utf8
初始化svn:
mkdir -p /home/svn/repo
svnadmin create /home/svn/repo/project1
#htpasswd -c /home/svn/passwd admin #第一次加用户名
cd /home/svn
vi authz
[/]
*=rw
所有人读写,权限控制在http代理层
chown -R apache:apache /home/svn
chcon -R -h -t httpd_sys_content_t /home/svn #或关闭selinux
vim /etc/httpd/conf.d/subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule mysql_auth_module modules/mod_auth_mysql.so
<Location /svn>
DAV svn
SVNParentPath /home/svn/repo
AuthType Basic
AuthName "Subversion"
#AuthUserFile /home/svn/passwd
AuthzSVNAccessFile /home/svn/authz
AuthMYSQLEnable on
AuthMySQLHost localhost
AuthMySQLPort 3306
AuthMySQLDB svn
AuthMySQLUser root
AuthMySQLPassword 111111
AuthMySQLUserTable users
AuthMySQLNameField name
AuthMySQLPasswordField password
#AuthMySQLGroupField group
AuthMySQLPwEncryption MD5
Require valid-user
#Require group svn
#<LimitExcept GET PROPFIND OPTIONS REPORT>
# Require valid-user
#</LimitExcept>
</Location>
启动apache
service httpd start
到此我能校验基本的用户信息(用户名和密码),但用户对项目的权限没有限制
权限的限制可以再apache的前做一个http代理,这里使用nodejs http-proxy
'use strict';
var http = require('http'),
httpProxy = require('http-proxy');
var proxy = httpProxy.createProxyServer();
var server = require('http').createServer(function(req, res) {
if(req.headers.authorization){
var auth = new Buffer(req.headers.authorization.split(' ')[1] , 'base64').toString();
}
console.log(req.method,auth,req.headers.depth);
//to do
proxy.web(req, res, {
target: 'http://localhost:8001', //svn apache 监听8001
secure: false,
xfwd: true,
});
});
console.log("listening on port 5000");
server.listen(5000);