mod_auth_gforge 2, an apache module for Gforge AS

mod_auth_gforge2 (MAG2) is an apache2 module for controlling subversion DAV access based on Gforge AS permissions. It integrates smoothly with GForge AS, and supports role access and ACL checking.

MAG2 is based in the previous MAG for Gforge 4.x series.


Pre-compiled binaries for RHEL4/5, as well as the source tar (for compilation on other platforms) can be found here. Debug packages are also available.

We will cover the rpm installation here. If you need or want to compile from source, detailed instructions can be found in the README file distributed with the source tar.

On a working Gforge AS installation, all the runtime dependencies needed by MAG2 are installed by default, so it is just a matter of downloading the proper package for your RHEL version/architecture and install it with the rpm command as usual.

rpm -i modauthgforge2-0.6-1.i386.rpm

There is a debug version of each package too, which provides debugging information.


Once installed, you need to instruct apache to load the module, which is done with this line.

LoadModule auth_gforge_module modules/

Make sure you load the auth_gforge_module after dav_module and dav_svn_module. Also, remember to remove mod_authz_svn from the module list to be loaded by apache at startup. In Centos/RHEL, check /etc/httpd/conf.d/subversion.conf  also to confirm mod_authz_svn is not being loaded.

The configuration options are explained in the README file, which you can find in /usr/share/doc/modauthgforge2 if you installed MAG2 using rpm, or inside the source tar if you compiled from source. Here is an example using the standard /etc/gforge/httpd.conf file installed by default with Gforge AS:

LoadModule dav_module         modules/
LoadModule dav_svn_module     modules/
#LoadModule authz_svn_module   modules/
#Uncomment this to load MAG, comment out the previous line
#(authz_svn module)
#and make sure the authz_snv_module is not loaded in
LoadModule auth_gforge_module modules/

Inside your virtual host directive:

#  SVN Repository
    <Location svn>
      ErrorDocument 404 default
      DAV svn
      SVNParentPath /var/lib/gforge/svnroot
      #Uncomment the following lines to use MAG
      GforgeSysPath /var/lib/gforge
      GforgeGroupsRoot /svnroot
      Auth_PG_cache_passwords On
      # how to authenticate a user
      # comment out the following line when using MAG
      #AuthzSVNAccessFile /var/lib/gforge/svnroot-access
      AuthType Basic
      AuthName "Document repository"
      # comment the following line when using MAG
      #AuthUserFile /var/lib/gforge/svnroot-authfile
      SVNIndexXSLT "/svnindex.xsl"
      # only authenticated users may access the repository
      Require valid-user

You may need to configure the database parameters as well. Check the README for Auth_PG_host_name, Auth_PG_database, Auth_PG_port and Auth_PG_pwd. If you accepted the default database parameters when installing Gforge, this is not needed.

For more details, please check the README

Final steps

Once the above steps are done, and you confirmed that everything works, you can disable the cronjob that handles webdav users creation/modification. Look into cron15.php and comment the following line:

About anonymous access

A current MAG2 limitation is that an user needs to be registered at the site for checking out projects when he is not a member and the repository anonymous access is enabled.

Leave a Reply