featured image SCM-Manager Plugins Part 4: Htpasswd

June 07, 2013 / by Daniel Huchthausen / In Technology

SCM-Manager Plugins Part 4: Htpasswd

+++This post was migrated from our former blog about SCM-Manager Universe. Therefore, the design is slightly different and some information might not be 100% applicable to Cloudogu EcoSystem. So don't be alarmed; enjoy reading.+++

This plugin is for those people who want to migrate their Subversion repositories to SCM-Manager and that are using an Apache server for user authentication. The current version is 1.1.

General

If you want to perform this migration without the plugin you have to add each user manually to SCM-Manager, because you can´t get the passwords from the server. They are stored encrypted in the .htpasswd-file and it isn´t possible to decrypt them. This leads to double effort since the administrator has to add all users, each with a random password. These passwords need again to be changed by the users in order to ensure their secret.

The Htpasswd-plugin is the solution to this problem. It identifies users against the .htpasswd-file of the Apache by adding a new authentication resource like LDAP, crowd or the xml-file to SCM-Manager. If someone wants to login to SCM-Manager with unknown login information, the system searches through the .htpasswd-file and if a corresponding user is found it adds a new user to SCM-Manager with the name and password from the .htpasswd-file.

Usage

After the plugin was installed and the application server is restarted you can configure the plugin in the “General” screen.

You only have to fill in the path of the htpasswd-file and restart the application server once more. Afterwards users can login to SCM-Manager with username and password from the htpasswd-file.

The plugin adds user with the name that is stored in the .htpasswd-file. The password of a user remains stored and encrypted in the .htpasswd-file.

Additional information like “Display Name”, “Mail”, administration rights and repository permissions of users need to be added manually in SCM-Manager. If you want to use other plugins like notify it is especially important to add the email addresses.

Update: Version 1.1

The new version of the plugin contains some helpful new features:

  • Reload feature: changes in the .htpasswd-file are detected automatically and new users can login to SCM-Manager without restarting the appliation server.
  • “Display Name” and “Mail”: now it is possible to make changes to those fields (in the “Users“-screen). In version 1.0 they had write protection.

Management of Repository Permissions

In order to facilitate the permission management we want to show you the different possibilities of SCM-Manager in permission assignment. Depending on your permission structure you can choose between these options:

  • adding each user individually with read or write rights to each repository, this is the most elaborate way
  • other possibilities, offered by SCM-Manager, are:
    • creating groups and adding them to repositories
    • using the “_authenticated” -group to add all users at once to a repository
    • assigning global permissions to users or groups

Conclusion

The Htpasswd-plugin is for those people who want to use login information from an Apache server in SCM-Manager. This saves a lot of work, because this way it is not necessary to add each user manually.

With kind regards,
your SCM-Manager Support Team


Daniel Huchthausen
Daniel Huchthausen

- Consultant -

When he is not exploring the wilderness, Daniel keeps himself busy with topics such as quality assurance, testing and PM methods.