Git with ldap authorization
Should work:
Access git repos over SSH using standard logins (nothing unusual here).
Make your git repos have access permissions for a certain group, which particular logins have membership of.
Use pam-ldap to make your standard login system work with LDAP.
If there's a more specific way, that JUST checks ldap without affecting the rest of your system? I don't know, but it's probably possible with a pre-commit hook, or something like that.
You can use update or pre-receive hook to do additional access control; see update-paranoid (in Perl) from contrib/hooks/ for an example (it doesn't uses LDAP, but you can always modify it to use it, using for example DBI via DBD::LDAP to store permission configuration, or Authen::Simple::LDAP directly).
It might be possible to enhance tools such like gitosis (in Python) or gitolite, which are used to access git repositories via SSH without requiring to set up (perhaps limited) separate shell account for each user, to use LDAP for authentication.
The straightforward solution I've experienced is the following:
- Setup CentrifyDC Express to provide you pam-ldap;
- Access your GIT repositories via SSH.
Et voilĂ !