Ok, so you want to evaluate and open source application?

What guidelines should you use? Here is a guideline. I will continue to update this as I find valid items to measure. If you have something I should add to the list, please let me know.

Obtaining the Software

1. A top link in search engine when searching for open source app’s name?
2. A quick download link?
3. Clear description of different downloads per platform?

Installation of Open Source App

1. Clear description of different downloads per platform?
   List of platforms:

2. Ease of install score:
3. Ease of initial configuration score:

Authentication

1. Integration with Active Directory?
   Score:

2. Integration with LDAP?
   Score:

3. Database authentication?
   Explanation: Can authentication occur in a database such as Postgresql, MySQL, etc…
   Supported Database list:
   Score:

4. Authentication to a 3rd party programs database?
   Explanation: So that if you have an application A with a database that hosts a username a password, can this open source application B use your database from application A to authenticate?
   Score:

Security

1. How secure is this application?
2. What security holes have been reported and fixed?
3. What development designs were taken into consideration to enhance security?
4. What security analysis tools such as Nessus has this open source application been analyzed with?

Documentation

1. Install guide exists?
   Quality Score:

2. Users guide exists?
   Quality Score:

3. Admin guide exists?
   Quality Score:

4. Developer’s guide exists?
5. Compile/Debug guide on how to load in an IDE and compile and debug (Visual Studio 2008, Eclipse, KDevelop, other, etc…)
6. Guide for submitting a bug or suggestion?
7. Guide for contributing documentation?
8. Ease of contribution Documentation?

Ease of Use

1. Is the application easy to use?
2. Can non-technical users use the application with minimal training?

Stability

1. How stable is the application? Determine this from normal use for a period of time.
2. How stable is the platform(s) and/or 3rd party dependencies the application runs/depends on?
3. Does the application crash with normal use?
4. Does the application crash with abnormal use?
5. Does the application crash with prolonged use?
6. Is the process for submitting a bug simple?
7. Is the process for applying a patch simple?
8. Does applying patches decrease stability?

Community Strength

1. Is it being maintained by a strong community?
2. Is there a high adoption rate for this application?
3. What is the average turn around time for a bug in the community?
4. Is there a forum? What is forums user base? How quick do questions get responses?
5. Is there a mailing list?
6. Is there an RSS feed?

Customization of Open Source Application

1. What language is this written in?
2. Ease of customization.
3. Ease of contributing to project
4. Ease of compiling/debugging?
5. Ease of getting fixes committed to source?

Scalability

1. Does the application scale well with increased usage?
2. Does this application integrate with the two most used operating systems for desktops? Windows and OS X?

So previously I released the following post:
How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server?

Now I am following up as promised with how to integrate this with Active Directory and AD’s LDAP. You need to know your LDAP Active Directory info. If you don’t, you need to get it. Or else maybe your domain is generic enough that looking at my examples will get you there.

1. Log in to dotProject.
2. Click on System Admin | Default User Preferences.

   We will make changes to the following sections:

   • User Authentication Settings
   • LDAP Settings

   These section are show in this screen shot. After this screen shot instructions on configuring these sections are provided.

   

3. Scroll to the section called User Authentication Settings.
4. Change the User Authentication Method setting to LDAP.
5. Configure the LDAP Settings section.
   1. For LDAP Host, Enter the IP address of your Active Directory server.
   2. Do not change the LDAP Port or LDAP Version settings.
   3. On a default Active Directory installation, set the LDAP Base DN to the following:
      CN=Users,DC=YourDomain,DC=tld

      For example, the lab I am demoing this with is LD.Lab so it would be this:

      CN=Users,DC=ld,DC=lab
   4. For LDAP User Filter enter the following:
      (sAMAccountName=%USERNAME%)
   5. For the LDAP Search User, enter a domain user:
      CN=John Doe,CN=Users,DC=ld,DC=lab

      SUGGESTION: Create a service account on the domain with a really intense password and almost no rights, except of course the right to search LDAP so it can be an LDAP Search User.

   6. Obviously for the LDAP Search User Password, enter the password for the LDAP Search User.

      IMPORTANT! You must update this password here when the user’s changes in Active Directory (sorry for the “No duh” moment but it had to be said).

6. Scroll down and on the bottom right of the Default User Preferences page, click Save.

Go ahead and try to login as a Domain User.

Note On Changing Permissions
Domain Users may appear to get the Administrator role, but this is not really the case. They only get the Anonymous role when they first login. See my forum post here:
How to make an LDAP user an administrator?

Also, it appears that if you want all users who login to get more permissions, then edit the Anonymous role or modify every user individually. (Yeah, so the project needs some features in this area…maybe you want to become a contributor and develop it yourself?)

Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.

Hey this was really easy. Really, it is just a matter of aliasing your ls commands. However, it is only really easy if you know how to do it. When you forget, it is annoying. So here is another post to store the info I once knew but forgot and had to learn again.

Using sh, the default shell

1. Edit your .shrc file in your home folder:
   # ee /usr/home/username/.shrc
2. Add/Change the alias commands as follows:
   alias ls=’ls -G’
   alias ll=’ls -laFoG’
   alias l=’ls -lG’

   The first one I added, the second two I only added the -G parameter to the already existing aliases for ls.

3. Save and close the file.
4. Logout and login and your shell should have colors when you use ls.

Using bash

1. Edit your .shrc file in your home folder:
   # ee /usr/home/username/.shrc
2. Add/Change the alias commands as follows:
   alias ls=’ls -G’
   alias ll=’ls -laFoG’
   alias l=’ls -lG’

   The first one I added, the second two I only added the -G parameter to the already existing aliases for ls.

3. Save and close the file.
4. Copy the .profile file to .bash_profile.
   # cp /usr/home/username/.profile /usr/home/username/.bash_profile
5. Edit the .bash_profile and add the following:
   # Source the .shrc
   source .shrc
6. Logout and login and your bash shell should have colors when you use ls.

Using csh, the default shell for root

1. As root, edit your .cshrc file in either your home folder or in the home folder for root:

   Your home folder:

   # ee /usr/home/username/.cshrc

   Home folder for root:

   # ee /root/.cshrc
2. Add/Change the alias commands as follows: (The syntax is slightly different than for sh or bash)
   alias ls ls -G
   alias la ls -aG
   alias lf ls -FAG
   alias ll ls -lAG

   The first one I added, the others I only added the -G parameter to the already existing aliases for ls.

3. Save and close the file.
4. Logout and login and your shell should have colors when you use ls.

bash and sh for all users

1. Edit your .shrc file in your home folder:
   # ee /usr/home/username/.shrc
2. Add/Change the alias commands as follows:
   alias ls=’ls -G’
   alias ll=’ls -laFoG’
   alias l=’ls -lG’

   The first one I added, the second two I only added the -G parameter to the already existing aliases for ls.

3. Save and close the file.
4. Cat this file to /etc/profile.
   # cat /usr/home/username/.shrc > /etc/profile
5. Logout and login and your shell should have colors when you use ls.

csh for all users

1. As root, edit your .cshrc file in either your home folder or in the home folder for root:

   Your home folder:

   # ee /usr/home/username/.cshrc

   Home folder for root:

   # ee /root/.cshrc
2. Add/Change the alias commands as follows: (The syntax is slightly different than for sh or bash)
   alias ls ls -G
   alias la ls -aG
   alias lf ls -FAG
   alias ll ls -lAG

   The first one I added, the others I only added the -G parameter to the already existing aliases for ls.

3. Save and close the file.
4. Cat this file to /etc/csh.cshrc.
   # cat /usr/home/username/.cshrc > /etc/csh.cshrc
5. Logout and login and your shell should have colors when you use ls.

Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.

How to remove the ^M characters in a file on FreeBSD?

This is simple:

There are multiple ways to do it. One is actually included in the FreeBSD-tips file:

So if you installed the “games” distribution, you get tips every time you log in. And once in a while the above tip will show up.

I had never used that one however, I had always used this one (which I modified) that I found here: http://sed.sourceforge.net/sed1line.txt

However, this one works with the sh, tcsh and bash but not with the csh shell.

This one worked on csh but I am not sure if it is recommended as it assumes every line ends with ^M.

Anyway, I like how FreeBSD supports the -i parameter. Because if I am doing lots of files, I can have a script that does each file in a directory and then (of course I have a back up just in case) I can run sed -i.bak ‘s/.$//’ filename on each file and then do delete all .bak files so every file “appears to be” edited in place.

How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server?

The basic overview.

1. Install FreeBSD.
   How do I install FreeBSD?
2. Update FreeBSD and download the ports tree.
   What are the first commands I run after installing FreeBSD
3. Then install Apache + SSL.
   Installing an Apache + SSL on FreeBSD using the ports tree
4. Then install MySQL.
   How to install MySQL on FreeBSD 7.2 or on Red Hat 5.4?
5. Configure MySQL to be Unicode.
   How to create a UTF-8 Unicode Database on MySQL and make UTF-8 Unicode the default?Note:
6. Secure MySQL. I don’t have a post on this, but you can follow these MySQL pages.
   Securing the Initial MySQL Accounts
   General Security Guidelines

   Note: If you know what you are doing, you can go with any database that dotProject supports, such as Postgresql.

7. Install PHP5and PHP5-Extensions and make sure to include the MySQL extensions and the LDAP extension.

How to install PHP5 and PHP5 Extensions on FreeBSD?

8. Then install DotProject

I have previous documents about installing each of the steps above installing dotProject. Once you have gone though the above documents, you will be ready for this document. This document will only cover dotProject.

Installing dotProject 2.1.2 from Ports

1. Install dotProject from ports using one of the following commands (I use the first one when doing virtual hosts and the second one when just using sub directories of the web root).

   # #	cd /usr/ports/www/dotproject make install

   Note: If you Apache directory is /usr/local/www/apache22/data you may want to use this make command:

   # #	cd /usr/ports/www/dotproject make DOTPROJECTDIR=/usr/local/www/apache22/data/dotproject install

2. Create a database in MySQL for dotProject. Name it whatever you want. For this example, I am going to name the database dotProjDB. If you have read the articles about MySQL that I referenced above, you should know how to log into to MySQL, but just in case you forgot, I will show you again.There are lots of ways to create a database in MySQL, and I am going to give you one example using the shell and the MySQL client.

   #	mysql -u root -p

   Enter your password and you should be taken to a mysql prompt.

   mysql>

   create database dotprojdb

   Yes it is that simple. And at the same time no it is not that simple. There is a lot more to know such as where to put the database files and how fast of drives you need, whether you need faster read speed or faster write speed or both, but this will suffice for now.

3. Create a mysql user account for this database. We don’t want to user the root account.
   See this page in the MySQL documentation for more information on this: Adding User Accounts

   mysql>	CREATE USER ‘dpuser’@’localhost’ IDENTIFIED BY ‘P@sswd!’;
   Query OK, 0 rows affected (0.01 sec)
   mysql>	GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON dotprojdb.* TO ‘dpuser’@’localhost’;
   Query OK, 0 rows affected (0.01 sec)

4. Now open a web browser to your server’s site: http://yourserver/dotprojectYou will see the following page.

   No need to do anything on this page because it should redirect you after 5 second to a dotProject configuration web page.

   

   Now some of the items in red need to be taken care of. Not all of them, just some of them.

   The first group of items are “Requirements” and anything not with a pretty green check mark under the “Requirements” section needs to be fixed.

   However, under the “Database Connectors” section, there are lots of red Xs. We don’t need to fix these. We just need one database, so as long as the database you want to use (in this example it’s MySQL) has a pretty green check mark, you don’t need to do add more “Database Connectors”.

5. Fix the first error: Session Save Path writable? X Fatal: session.save_path is not setTo do this, follow these steps:
   1. Change to the directory that contains the php.ini file. On FreeBSD that directory is here: /usr/local/etc

      #	cd /usr/local/etc

   2. Now by default the PHP5 port on FreeBSD doesn’t install a php.ini file, but instead provides two example php.ini files: php.ini-recommended and php.ini-dist. So copy one of them to php.ini.

      #	cp php.ini-recommended php.ini

   3. Edit the php.ini file and remove the comment from this line:
      ;session.save_path = “/tmp”

      I use ee which is the command to open Easy Editor. But you can use vi or whatever.

   4. Save the file and exit.
6. The other issue is this one: Session AutoStart = ON? X Failed Try setting to ON if you are experiencing a WhiteScreenOfDeathOk. So this issue is fixed is in that same php.ini file. So repeat the steps only this time we don’t remove a comment, we change a setting from 0 to 1. Find the following line and change it from 0 to 1, as shown.
   session.auto_start = 1
7. Restart apache. This is required and must be done before these settings will take effect.

   #	/usr/local/etc/rc.d/apache22 restart

8. Now you are ready to click the “Start Installation” button. So go ahead and click it. The following page should appear.
9. Enter the details as shown in the page. Hopefully you have your own database user and password to use.
10. Should you click the “User persistent connection?” option? Well, read this. http://www.php.net/manual/en/features.persistent-connections.phpI am not going to check it.
11. Click “Install db and write config”. It should succeed and you should see this new page.
    
12. Now go back to the dotproject home page: http://yourserver/dotprojectLogin with the default user name and password and you are ready to go.

    UPDATE:
    Check out my new update to this:
    How to configure dotProject 2.1.2 to authenticate using Active Directory’s LDAP?

Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.

How to create a Calendar in QlikView 9?

UPDATE: Check out my new calendar here: http://rhyous.com/2009/11/30/my-new-and-improved-calendar-in-qlikview/

Ok, so the fact that I cannot just have one line in a Load Script is a negative for QlikView. In a perfect world, I would have one line that would give me a bunch of possible values I could use for a dimension, such as CalendarDay, CalendarWeek, CalendarMonth, CalendarQuarter, CalendarYear, etc… It would be one line like this:

Alas…it is not a perfect world, so this feature doesn’t exist in QlikView. (Enhancement Request please!!!!)

So there is a Wiki on how to do it. Here is the link.
http://community.qlikview.com/wikis/qlikview-wiki/how-to-create-a-calendar.aspx

However, the problem is that this didn’t work.

So after some research I remember that internet search engines exist and I don’t have to just search QlikView’s site and documentation. I did a google search for this string:
qlikview how to create a calendar

The script didn’t fail to load…yeah…wait…there is not data in my report that has to do with a Calendar.

This sucks. Why can’t I just create a new Calendar. This is common problem with some software companies. There is a “key features” that can be done, but with great difficulty. However, because it can be done, they don’t spend any more development time on it.

Anyway, I added a post in the QlikView Forum and watched the QlikView free training Video for developers (especially module 8).

Here is the result:

LET vDateMin = Num(MakeDate(2000,1,1));
LET vDateMax = Floor(YearEnd(AddMonths(Today(), 12)));
LET vDateToday = Num(Today());

TempCalendar:
LOAD
$(vDateMin) + RowNo() – 1 AS DateNumber,
Date($(vDateMin) + RowNo() – 1) AS TempDate
AUTOGENERATE 1
WHILE $(vDateMin)+IterNo()-1<= $(vDateMax); MasterCalendar: LOAD TempDate AS CalendarDate, Day(TempDate) AS CalendarDay, WeekDay(TempDate) AS CalendarWeekDay, Week(TempDate) AS CalendarWeek, Month(TempDate) AS CalendarMonth, Year(TempDate) AS CalendarYear, 'Q' & Ceil(Month(TempDate)/3) AS CalendarQuarter, WeekDay(TempDate) & '-' & Year(TempDate) AS CalendarWeekAndYear, Month(TempDate) & '-' & Year(TempDate) AS CalendarMonthAndYear RESIDENT TempCalendar ORDER BY TempDate ASC; DROP TABLE TempCalendar; LET vDateMin = Num(MakeDate(2000,1,1)); LET vDateMax = Floor(YearEnd(AddMonths(Today(), 12))); LET vDateToday = Num(Today()); [/sourcecode] Now when your script loads, you can right click and choose New Sheet Object, Slider/Calendar Object. Choose Calender, not Slider and base it off of the CalendarDate field. Also on the Sort tab, use the Numeric Value to change the sort to Descending.

How to create a directory in C++?

Ok, so this is another task that should be simple but isn’t. Come on C++ Standards people. C++ has been out for decades and you haven’t figured out how to get all Operating Systems to conform to a single piece of code to make a directory? Write an standard and release it.

This document is for Windows, I will talk about FreeBSD some time later.

If wxWidgets can do it with the filefn.h, why can’t the standard C++ Library?

Supposedly Boost can do it also but the standards people are taking their sweet time getting Boost in.

So here is how it can be done. The headers names are the project types I chose in Visual Studio 2008.

Windows Empty Project

Create a main.cpp and put the following in it.

#include <iostream>
#include <string>
#include <direct.h>
#include <sys/stat.h>

using namespace std;

int main ()
{
	string directoryName = "c:\\programdata\\MyApp";

	struct stat st;
	if (stat(directoryName.c_str(), &st) == 0)
	{
		cout << "The directory exists." << endl;
	}
	else
	{
		int mkdirResult = _mkdir(directoryName.c_str());
		if (mkdirResult == 0)
		{
			cout << "The directory is created." << endl;
		}
		else
		{
			cout << "The directory creation failed with error: " + mkdirResult << endl;
		}
	}
}
&#91;/sourcecode&#93;

<strong>Windows CLR Console Application</strong>

[sourcecode language="cpp"]
#include "stdafx.h"

using namespace System;
using namespace System::IO;
int main()
{

   String^ directoryName = "C:\\ProgramData\\MyApp";
   if ( Directory::Exists( directoryName ) )
   {
	   Console::WriteLine( "The directory exists.");
       return 0;
   }
   else
   {
	   try
	   {
		  DirectoryInfo^ directoryInfo = Directory::CreateDirectory(directoryName);
	   }
	   catch ( Exception^ e )
	   {
		   Console::WriteLine(e->ToString());
	   }
   }
}

So I opened a command prompt to test that a port is open using the standard practive test:

telnet ipaddress port

For example, I was checking if RDP was open to an address:

However, Windows 7 just complained.

So where is telnet in windows 7? Well, I am first going to check Add / Remove Programs to see if I can add it.

1. Open Add / Remove Programs. Here is how if you don’t know.
   1. Click on Start.
   2. Type in Add / Remove Programs.
   3. Selecte and start Add / Remove Programs.
2. I then clicked on “Turn Windows Features On or Off”.
3. I then found the “Telnet Client” option.
4. I checked the box and clicked OK.And the Telnet client installed.So I have windows 7 ultimate. I understand leaving telnet off Windows 7 home by default, but I don’t understand why to leave it off of Windows 7 Ultimate. Oh, well. I guess we will just have to enable it ever time when we want it.

How to add an enum or enumeration to a class in C++?

Obviously this is simple, but I keep forgetting one element or other of the syntax (usually the terminating semi-colon) so I thought if I made a post about it, I would never forget again, and if I did, I could look at my post and remember.

There are certain parts to an enum configuration:

1. The enum keyword.
2. The name of the enumerator. I name this one Items just as an example but it can be named anything you want almost (of course you can’t use C++ keywords).
3. The open bracket: {
4. The names of the items separated by comas:
   item1, item2, item3
   Each item has an integer value starting at 0 and incrementing by one. Optionally, you can change a value, and again, ever value thereafter will be +1. So if you want to start at 1 instead of at 0, you would put this:
   item1 = 1, item2, item3
   If you wanted to count from 1,2,3 and then 7,8,9 you could do this:
   item1 = 1, item2, item3, item7 = 7, item8, item9
   Also you can change every item by having every item by assigning every item.

5. The closing bracket: }
6. A statement closing semicolon: ;

   So the code for your Items enumerator look like this:

   enum Items
   {
       item1 = 1, item2, item3
   };
   

   A basic class is shown here:

   class NewObject
   {
   public:
       // Public members and functions
       NewObject();
       ~NewObject();
   protected:
       // Protected members and functions
   private:
       // Private members and functions
   };
   

   So to add an enum to you need to decide, is it a public, protected, or private enum? I think it is most common to have public enumerations so that is what my example shows.

   class NewObject
   {
   public:
       // Public members and functions
       NewObject();
       ~NewObject();
   
       enum Items
       {
           item1 = 1, item2, item3
       };
   
   protected:
       // Protected members and functions
   private:
       // Private members and functions
   };
   

   Now you can use the enum on any instantiated class.

So I already have an article on installing Bugzilla. See it here:
How to install Bugzilla on a FreeBSD 7.2 with Apache + SSL and MySQL?

So I am not going to cover installing Bugzilla. Just how to get it to connect to Active Directory. Mostly the documentation was there, but there was not really a good example of actual implementation. If the documentation doesn’t provide an example (preferably multiple real world exmaples) then it is poor documentation. Yes, Bugzilla, you are free to take my documentation and put it in your manual, or link to this page.

1. Gather the information from your production environment, especially the LDAP information for your Active Directory configuration: 
   • Bugzilla Server name: 
     http://myserver/bugzilla

      

   • The LDAP Servers (Active Directory servers):
     dc1.corp.mydomain.tld, dc2.corp.mydomain.tld

      

   • The LDAP Bind DN info of a user that can read Active Directory. (This can be any active directory user, as long as this user can read active directory’s users, which pretty much an user no matter how locked down can do.)So my username on the domain is JBarneck, but that is not what to use here. The LDAP Bind DN of my user name is like this (with company secret information changed).
     CN=Barneck\, Jared,OU=MyDepartment,OU=MyCity,DC=corp,DC=MyDomain,DC=tld:MyPasswd!

      

   • The LDAP Base DN, which is the LDAP information for the OU that your users are in.
     My LDAP Base DN for the OU I am in is this (again with company secret information changed). This is exactly what I pasted into my configuration, backslash and all. 
     OU=MyDepartment,OU=MyCity,DC=corp,DC=MyDomain,DC=tld
   • The LDAPuidattribute, which is sAMAccountName and I don’t know if you can changed in Active Directory.
     sAMAccountName

      

   Note: I’ll be honest. I didn’t have access to a domain controller or Active Directory so I used a tool called LDAPWhoAmI.exe (with an accompanying ldapinfo.dll) that is included in LANDesk’s Management Suite software. I can’t give you these files. But if you wanted to do a trial of LANDesk Management Suite, you could download a Management Suite trial (which is a gig or so) and extract it and get these files. You don’t have to install, just extract and search for the two files. Copy them to a Windows workstation on your domain, then open a command prompt and change to the directory where LDAPWhoAmI.exe and ldapinfo.dll was copied and run LDAPWhoAmI.exe.

2. Log into Bugzilla as an administrator. There is not default administrative user for Bugzilla. You should have created a user account as part of the install.
3. Enable the LDAP module.
   1. Click on Administration from the top menu bar.
   2. Click on Parameters.
   3. Click on User Authentication on the left menu bar.
   4. Scroll down to the user_verify_class setting.
   5. Highlight LDAP and click the up arrow so that it is first in the list. I left DB enabled. I left Radius disabled.
   6. At the bottom of the web page (yes you have to scroll all the way to the bottom) click the Save Changes button.
4. Configure LDAP to connect to Active Directory.
   1. Click on LDAP on the left menu bar.
   2. Under LDAPserver put your Active Directory servers.
      dc1.corp.mydomain.tld, dc2.corp.mydomain.tld

       

   3. Under LDAPbinddn put your user’s ldap info.
      CN=Barneck\, Jared,OU=MyDepartment,OU=MyCity,DC=corp,DC=MyDomain,DC=tld:MyPasswd!

       

   4. Under LDAPBaseDN put your LDAP info for the OU with your users.
      CN=Barneck\, Jared,OU=MyDepartment,OU=MyCity,DC=corp,DC=MyDomain,DC=tld:MyPasswd!

       

   Under LDAPuidattribute put sAMAccountName.

   sAMAccountName

    

   5. At the bottom of the web page click the Save Changes button.
5. test Authentication.
   1. Either log out or use a different browser or a different machine and connect to your bugzilla url: 
      http://myserver/bugzilla

       

   2. Log in using an Active Directory account. I was unsure if I was supposed use an email or my username and it worked using my Domain user name, JBarneck, and my Domain password.

   I hope this helps all of you get Bugzilla to authenticate using Active Directory much faster than if you had to scour the web for problems.

   ---

   Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com. 

Ok, so I want to have Subversion authentication work from a MySQL database. I am going to try to use Cyrus SASL for this.

I already have instructions for installing the necessary parts:

1. Install FreeBSD.
   How do I install FreeBSD?

2. Update FreeBSD and download the ports tree.
   What are the first commands I run after installing FreeBSD

3. Then install Subversion, however, one difference you need to make to the install instructions for subversion. You need to install with SASL2 support. When you run make install it is an option.

How to install subversion 1.6.6 on FreeBSD 7.2

Ok, now that you have everything is installed, you are were I am and ready to try to get this configured.

Configuring Subversion to use SASL to Authenticate to a MySQL database

1. Create a simple MySQL database. The following is a simple database creation script that creates a database with one table and two rows.

   CREATE DATABASE UserDB;
   USE UserDB;
   CREATE TABLE `users` ('username' varchar(255), 'password' varchar(255) )
   INSERT INTO users VALUES ('user1','pw1');
   INSERT INTO users VALUES ('user2@MyReal.com','pw2');
   INSERT INTO users VALUES ('user3@myemailaddress.com','pw3');
   

   Note: I use these accounts to show what works and what does not work because the idea of “realms” is confusing.

   You may be asking why I don’t have three rows, one for each item: User, Password, Realm.

   Well, if you really are creating a new database to handle SVN Users then that is how you should do it and here is it is.

   CREATE DATABASE UserDB;
   USE UserDB;
   CREATE TABLE `users` ('username' varchar(255), 'password' varchar(255) , 'realm' varchar(255))
   INSERT INTO users VALUES ('user1','pw1','realm');
   INSERT INTO users VALUES ('user2@MyReal.com','pw2','realm');
   INSERT INTO users VALUES ('user3@myemailaddress.com','pw3','realm');
   

   However, because I am assuming that you want to authenticate to users that are in an already existing database, realm won’t really exist. However, you may have usernames that are in email format, or not in email format an that makes a difference because Subversion splits the username at an @ symbol and the username is only what is before the @ symbol. See the troubleshooting realms section below.

2. Edit the following file:
   /home/svn/repos/MyApp/conf/svnserve.conf

   #	ee /home/svn/repos/MyApp/conf/svnserve.conf

   The following are the lines that should NOT be commented out.

   [general]
   anon-access = none
   auth-access = write
   realm = MyDomain.com

   [sasl]
   use-sasl = true

3. Create and edit the following file:
   /usr/local/lib/sas2/svn.conf

   #	ee /usr/local/lib/sas2/svn.conf

   The following are the lines that should NOT be commented out.

   [general]
   pwcheck_method: auxprop
   mech_list: plain
   auxprop_plugin: sql
   sql_hostnames: localhost
   sql_engine: mysql
   sql_user: root
   sql_passwd: pw
   sql_database: UserDB
   sql_select: SELECT password FROM users WHERE username='%u'

   Note: For debugging add log_level: 7 to this file and then watch the /var/log/debug file.