Can GitoLite and Git Using LDAP and NOT SSH keys

Question

my firm is looking at using git and gitolite but does not want to use SSH keys and work like to use LDAP.. Can this be done??

I never seen this done.. everyplace I have

Answer 1

Yes, you can do it without any issue.

You simply need your Apache to do the authentication part (since gitolite is only an authorization layer), and call gitolite-shell instead of git-http-backend, with REMOTE_USER set by Apache (and used by gitolite-shell).

See a detailed example in "Git with Ldap on Ubuntu with Apache".

The main part of the httpd.conf being:

SetEnv GIT_PROJECT_ROOT @H@/repositories
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GITOLITE_HTTP_HOME @H@
ScriptAlias /hgit/ @H@/sbin/gitolite-shell/
SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
  SSLOptions +StdEnvVars
</FilesMatch>
<Location /hgit>
    SSLOptions +StdEnvVars
    Options ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
    #AllowOverride All
    order allow,deny
    Allow from all
    AuthName "LDAP authentication for Smart HTTP Git repositories"
    AuthType Basic
    AuthBasicProvider myldap companyldap
    AuthzLDAPAuthoritative Off
    Require valid-user
    AddHandler cgi-script cgi
</Location>

(@H@ is just a template value, to be replaced by your path)