> From: Glenn A. Thompson [mailto:gthompson@cdr.net]
> Sent: 23 May 2002 10:30
[...]
>> There are some issues with respect to doing fine grained access control
>> with Apache. Greg Stein and I tried to come up with an Apache configuration
>> that did fine grained access control, but we got bitten by the so
>> called '$svn' url.
>
> Not sure what you mean here, but what halted me was the idea that a given URL
> "name" can point to different nodes over time. wooaa. I planned on the ACLs
> being contained outside subversion at first. No No No. Once I thought about it,
> I freaked and stopped. It has to be in the Repos to work.
This was to see if we could get fine grained access control going without
implementing anything in subversion, so that if people really wanted it, they
could have it by doing it through Apache configuration.
And yes, you are right, several Locations can point to the same repository,
which would be a nightmare when it comes to access control. However, this
isn't really a problem since this is done in the same apache configuration
file where you took great care in doing access control. It would be stupid
to shoot yourself in the foot.
As for "it has to be in the repos to work", yes, true. I think we came up
with implementing it using svn:acl properties. This is what I would like to
see as a priority item _post_ 1.0.
Anyhow, not targetted at Glenn in particular, if you haven't read the ACL threads
in the archives, please try to locate and read them before following up. That
saves a lot of duplicated discussion.
Sander
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu May 23 11:11:57 2002