[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Restrict Read Access at Branch Level

From: p karthik <karthik1212_at_gmail.com>
Date: 2007-08-30 18:02:39 CEST

Hi Hari,

Thanks a lot for responding to my mail.

But I have tried what was there in the svnbook earlier and I got the below
error while accessing the repository through the Tortoise repository
browser.

Error * REPORT request failed on 'http://<IP:Port>/dummy' REPORT of
'http://<IP:Port>/dummy': 403 Forbidden (http://<IP:Port>)

I have removed the IP and Port in the above error for security reasons.

The contents of the httpd.conf file is as follows:

<Location /dummy>
  DAV svn
  SVNPath /subversion/dummy
  SVNReposName "NEO Dummy Repository"
  AuthType Basic
  AuthName "Subversion repository"
  AuthzSVNAccessFile /workarea/svn/svn-acl
  AuthUserFile /export/home/svn/svn-auth-file
  AuthGroupFile /workarea/svn/svn_grp_file
  <Limit POST PUT>
  Require group mygrp
  </Limit>
  <Limit PROPFIND GET>
  Require group mygrp nopegroup
  </Limit>
</Location>

My physical path of the repository is: /subversion/dummy.

The access file /workarea/svn/svn-acl content is:

[dummy:/]
karthikp = wr

I have given it as "wr" instead of "rw" as it was giving the same error and
I have read that giving "wr" resolves the problem. But it is not the case
here.

The group file /workarea/svn/svn_grp_file has the following content:

mygrp: karthikp dummy admin
nopegroup: testuser

Its working fine for me without this "AuthzSVNAccessFile" thing.

Please let me know if I am giving anything wrong or missing anything. Thanks
a lot in anticipation.

Thanks,
Karthik

On 8/30/07, Hari Kodungallur <hkodungallur@gmail.com> wrote:
>
>
> On 8/29/07, p karthik <karthik1212@gmail.com> wrote:
> >
> >
> > Hello!
> >
> > We are using subversion-1.3.2 and apache2 on Solaris platform in our
> > project.
> > We are trying to restrict read access on a branch level in repository.
> > Already the write access has been controlled with the help of
> > "pre-commit" hook script.
> > But we are not able to find a way to restrict users from reading.
> >
> > We have tried to check whether apache2 offers any thing here. But we
> > couldn't find any sort of that feature.
> > It would be of great help if somebody can point how to restrict read
> > access too on directory level.
> >
>
> Please read about per directory access control in the subversion book: http://svnbook.red-bean.com/en/1.4/svn.serverconfig.httpd.html#svn.serverconfig.httpd.authz.perdir
>
>
> Let us know if you encounter any issue setting up the configuration files
> for access control.
>
> regards,
> -Hari Kodungallur
>
Received on Thu Aug 30 18:00:25 2007

This is an archived mail posted to the Subversion Users mailing list.