[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: access control: viewcvs

From: Greg Stein <gstein_at_lyra.org>
Date: 2004-08-25 07:45:03 CEST

On Mon, Aug 23, 2004 at 05:03:05PM -0500, C. Michael Pilato wrote:
> Michael W Thelen <thelenm@cs.utah.edu> writes:
>
> > > Huh? Will that actually work? mod_authz_svn's primary purpose is to
> > > decode the special URLs we use into a fashion that can do path based
> > > authorization.
> >
> > Works for me... because it's in a <Location> block, I think the path being
> > accessed looks exactly the same to mod_authz_svn whether it's being accessed
> > via /svn or /viewsvn (i.e. both http://example.com/svn/foo and
> > http://example.com/viewsvn/foo require authorization to access /foo in the
> > repository at /path/to/repos).
>
> Ah, yes, I can see how this works. So, the fact that mod_authz_svn
> can decode those special URLs is irrelevant -- ViewCVS doesn't use the
> special URLs. The important thing is that all ViewCVS URLs are normal
> GETs, and mod_authz_svn does the right thing for normal GETs aimed at
> a Subversion repository.
>
> Nice.

Not nice. It won't work. Throw a /*checkout*/ URL in there, and it alters
all of the paths seen. Whoops!

Not to mention that we've considered various URL schems where the command
goes into the URL path rather than as a query part. Again, the path gets
all skewed.

Cheers,
-g 

-- 
Greg Stein, http://www.lyra.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Aug 25 07:51:09 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.