RE: Fine grained access control over ra_dav using... mod_authz_svn

On Wed, 2003-06-11 at 06:20, Sander Striker wrote:

> Unfortunately, because of the current way the auth hooks work and
> are called in httpd, you cannot have one module implement group membership
> and let another benefit from it. This will probably change in some
> future version of httpd (read: whenever one of us has time to implement it).
>
I was afraid you'd say that...

> There are three options, one being
> discussed:
>
> - load the access file per connection instead of per request
> - load the access file at startup time and reload when the timestamp changes
> (requires locking)
> - load the access file at startup and require a (graceful) restart when
> someone changes it.

+1 for either of the first two options.

I'm looking for behavior like the .htaccess file, where a user can
potentially update the ACLs for their repository without requiring shell
access/ SetUID/GID scripts/ etc.

I know (and use) graceful restarts, though I have a PHP debugging module
that makes httpd segfault on a graceful restart, taking down my web site
until I do a hard restart. (I've learned to only turn this module on
when I need it!).

Still, what you've done so far fills the bill... thanks again!

Cheers,

-- 
John Locke
http://freelock.com
Recently published: "Extend the reach of users' email with IMAP"
http://www.techrepublic.com/article_guest.jhtml?id=r00620030507jxl01.htm
Play sports? Check in at http://teamcheckin.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org