At the time of writing this book, the support for third-party authentication systems outside the ones already mentioned is still quite limited. The next forthcoming Version 2.8 of Gerrit will introduce the concept of "pluggable authentication backend" that would provide a real integration with any external authentication system.
With this in mind, the only option is to put another HTTP frontend reverse proxy in front of Gerrit and manage the authentication externally. Gerrit will then get the user identity from a trusted HTTP header generated securely by the HTTP frontend.
By using Apache 2.4 as a HTTP frontend, we can use the following available authentication modules:
SQL database (
mod_authn_dbd.c
)DBM files (
mod_authn_dbm.c
)Password file (
mod_authn_file.c
)Radius (
mod_auth_radius.c
)Kerberos (
mod_auth_kerb.so
)
In addition to these free authentication modules, there are a number of existing commercial modules that also integrate...