How to set up SVN and Trac servers on Windows Server

Question

I need to seet up SVN and Trac for my lab at grad school. We have a machine running Windows Server 2003 and I was hoping to use that. One thing that we really need is authentication by login to the windows domain. The school is set up on one domain using AD. I've never done anything like this before, so can someone tell me how hard it is/is it possible/how to do it.

Thanks

Answer 1

Explaining the entire thing here might be difficult. Look at the this link for setting up svn and this for setting up trac. And for having trac authenticate with Windows domain you can check this link here.

Answer 2

While I'm not sure if this is exactly what you're looking for, I've used some of BitNami's self-contained self-contained stacks for my own personal work before, and they do a great job of handling the dirty work. They have both a Subversion and Trac module, so all you have to do is install both and then change the config files to handle the Windows authentication. Plus, since the BitNami stack uses Apache to serve the Trac install, it's easy to follow the link proy gave above.

Answer 3

Already good links (especially proy), but a real example can maybe help.

Here is some parts of the httpd.conf used for a windows (XP) server, with an old 2.2.11 apache.

<...>
# Dynamic Shared Object (DSO) Support
<..>
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module  modules/mod_authz_svn.so
LoadModule sspi_auth_module modules/mod_auth_sspi.so
<...>
# provides list of repo with anonymous access
<Location /svn>
    DAV svn
    SVNParentPath "C:/data/repositories/"
    SVNListParentPath on
    SVNIndexXSLT "/svnindex.xsl"
    SVNAutoversioning on
</Location>

<Location /svn/>
    # Checked access for a deeper look
    # for single repository configuration (access right, etc), use a more specific entry in 'Location',
    # and use 'SVNPath "<path to repository>"' instead of 'SVNParentPath
    DAV svn
    SVNParentPath "C:/data/repositories/"
    SVNListParentPath on
    # for web browsing
    SVNIndexXSLT "/svnindex.xsl"
    SVNAutoversioning on
    # --- windows authentication
    AuthName "a nice, friendly and informative message"
    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain <YOUR_DOMAIN>
    SSPIUsernameCase lower
    # let non-IE client authentification (YES)
    SSPIOfferBasic On
    # comment the next line if you want to keep domain name in userid string passed down to mod_authz_svn
    SSPIOmitDomain On
    Satisfy Any
    Require valid-user
    # specific access control policy enforced by mod_authz_svn
    AuthzSVNAccessFile "C:/controls/svnaccesspolicy.private"
</Location>
...
# And the config for a series of Trac sites
# No authentication for read only
<Location /bugs>
    SetHandler mod_python
    # Date and Time localization, with the standard (fast)cgi
    SetEnv LC_TIME "fr_CH"
    SetEnv PYTHON_EGG_CACHE "C:/cache/egg"
    # Date and Time localization, with the modpython
    PythonOption TracLocale "French_Switzerland"
    PythonHandler trac.web.modpython_frontend
    PythonOption TracEnvParentDir "C:/data/trac"
    PythonOption TracUriRoot /bugs
</Location>
<LocationMatch "/bugs/[^/]+/login">
    SetEnv LC_TIME "fr_CH"
    SetEnv PYTHON_EGG_CACHE "C:/cache/egg"
    AuthName "Another nice and informative message"
    AuthType SSPI
    # NT Domain auth config
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain <YourDomain>
    SSPIUsernameCase lower
    SSPIOfferBasic On
    SSPIOmitDomain On
    # following line squishes bug #1168 if IE has troubles editing wiki pages.
    SSPIBasicPreferred On
    BrowserMatch "MSIE 6\.0; Windows NT 5\." nokeepalive
    BrowserMatch "MSIE 7\.0; Windows NT 5\." nokeepalive
    # and this one is a tentative to solve some login issue with IE7 (http://trac.edgewall.org/ticket/4560#comment:22)
    SSPIOfferSSPI off
    SSPIPerRequestAuth On
    # Satisfy Any
    Require valid-user
</LocationMatch>
<snip>

As you see, both site can use the same way to query the DC for validation.

Notice that it was a config for an old server (winXp) - maybe a bit outdated, and not using ssl which may be needed in your case. Also, both trac and subversion was installed "manually" (ie not integrated environement) - which is also good when some troubles occurs (Y'll have a better idea on where to put your fingers).

Answer 4

SVN - use VisualSVN Server, it is the ultimate in ease-of-use on Windows, integrates with active directory and installs/upgrades in seconds.

Trac - VisualSVN people have a guide on installing Trac to work with it. They do say "not supported", "unofficial", etc but they still have the code and the guide for you.