[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Password authentication for ra_svn

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2003-11-02 04:21:06 CET

We now have password authentication in ra_svn, using a tiny homegrown
implementation of the CRAM-MD5 auth mechanism (which hides the
password from prying eyes on the network, but does not authenticate
the server or protect the data which goes over the connection). We
also have some very basic authorization policies.

You control all this stuff with the svnserve.conf file at the top
level of the repository. New repositories will get a sample
svnserve.conf file. A minimal configuration file for a repository
with password access would look like:

  [general]
  password-db = passwd # Can be an absolute path if desired

And then in the file "passwd" in the same directory, you would put:

  [users]
  USERNAME = PASSWORD
  ...

That setup would allow read access for anonymous users and write
access for authenticated users. If you wanted to allow read access
for authenticated users and no anonymous access at all, you could do:

  [general]
  password-db = passwd
  anon-access = none
  auth-access = read

The next steps I'm hoping to work out are:

  * Eliminate the -u option.
  * Get the book updated.
  * Add path-based authorization. (Much harder than the last two.)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sun Nov 2 04:21:47 2003

This is an archived mail posted to the Subversion Dev mailing list.