On Thu, Apr 29, 2010 at 11:53 AM, vishwajeet singh <dextrous85_at_gmail.com> wrote:
> On Thu, Apr 29, 2010 at 3:09 PM, Didier Trosset <didier_trosset_at_agilent.com>
>> I have a subversion server running with apache. It authenticates users
>> using LDAP configuration and uses SVN path-based authorizations to limit
>> user access to certain repositories. This works perfectly.
>> Now, I have a service I want to setup (rietveld, for code reviews) that
>> needs to have an anonymous access to the repository. As this is a web
>> service, accesses are always done from the same server. Thus I added an
>> apache configuration to allow accesses from this machine. without user
>> | <Limit GET PROPFIND OPTIONS REPORT>
>> Order allow,deny
>> Allow from # private IP address
>> Satisfy Any
>> This did not work until I add an additional line "* = r" in the
>> authorization file to allow read access to all users.
>> For instance, before I add the authorization from a specific IP, all users
>> were authenticated, and thus had a name. Now, some accesses are done without
>> a user name! I found the |"-|" user name in the apache log files, but the
>> line "|- = r"| does not work, neither do |"anonymous = r"|. I'd like not to
>> allow read access to everyone in SVN authorization. How can I do this?
>> (More details in stackoverflow question
> IMHO there is no way to do it other than creating a dummy user and giving it
> access to all repositories in authorization file as we had similar issues
> integrating Subversion repositories with JIRA.
You can do this if you set up a separate Location block (referring to
the same svn repo) for this anonymous access. Then they can each have
their own authz file (or no authz file if it's not needed). I don't
see another way.
We do something like that:
... auth & possible authz stuff
... auth & authz stuff, Limit, ... for anonymous access within
Received on 2010-04-29 12:42:20 CEST