[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Non-Apache WebDAV / DeltaV Module

From: Erik Huelsmann <e.huelsmann_at_gmx.net>
Date: 2005-03-15 12:53:06 CET

Hi!

> However, lately, there is a new requirement to control access to files
> and directories dynamically. The 1st thing that I thought of was using
> mod_authz_svn as it allows me to do just that but the ACL is based on a
> flat file.

Ok. To what extend do you need it to be dynamic? People have written scripts
to generate the mod_authz_svn config file from databases. What's the reason
you require it to be dynamic now?

> What I want is to make it to refer to the database. I could extend
> mod_authz_svn but I'm not familiar with it. Furthermore, I have not
> written any Apache module before.

I'm sure people will want to offer any help required to pull off the trick,
if you come up with a design and have reached consensus over it...

> Also, I thought of using Java and
> Tomcat to do that as I will have more features to add in later.

Hmm, like which features? I really think learning how to program mod_dav_svn
and mod_authz_svn will get you to your goal faster.

> If that the case I need to rewrite "mod_dav", "mod_dav_svn" and finally
> extending "mod_authz_svn" in Java. I plan to use Jakarta Slide as my
> basis for WebDAV /DeltaV. So, anyone has advice or pointer for me
> on how to proceed? Or, there is a better way to do this. thank you.

Well, if you are serious about implementing ACLs, I think it's a waist of
time to rewrite mod_dav, mod_dav_svn and mod_authz_svn: some time in the
(near?) future ACLs will (need to) be implemented at the repository level of
Subversion. mod_authz_svn never was considered a long term solution to
access control in Subversion.

Recently, patches have been submitted for mod_authz_svn to use regexes. The
poster in question was able to reduce his 15,000 rule config file to 9
rules. Maybe you need something like that?

How to proceed? Well, you could start by explaining where your need for
dynamic access control comes from. Then, you could explain why in-repository
ACLs and/or regexes won't solve the problem.

If in-repository ACLs *do* solve the problem, you could draw up a draft
design and post it here for discussion.

I hope some further discussion can keep you from writing your own DAV+DeltaV
server. It's really not a job to be taken lightly.

Hope that helps?

bye,

Erik.

-- 
DSL Komplett von GMX +++ SupergŁnstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Mar 15 12:54:13 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.