[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: FW: a question about the access file syntax: username aliases

From: Karl Fogel <kfogel_at_red-bean.com>
Date: Fri, 19 Sep 2008 13:37:27 -0400

Victor Gong <Victor_Gong_at_phoenix.com> writes:
> Hi, Subersion developers
> Somebody can help me the problem shown below?

Hi Victor,

Your question is about using Subversion, so please post it to the
"users" mailing list. See
<http://subversion.tigris.org/mailing-lists.html>.

Thanks.
-Karl

> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
> From: Victor Gong
> Sent: 2008年9月17日 15:29
> To: 'users_at_subversion.tigris.org'
> Subject: a question about the access file syntax: username aliases
>
> Hi, Subversion developers
> I am now using subversion 1.5 + Http 2.2.9 with LDAP authentication, it works
> fine.
> But now, I want to do per-directory access control with LDAP authentication
> which someone can read and write in the special directories, others can only
> read them. and it cannot work with my setting: http.conf + authz.
> I notice there is a file syntax: aliases in authz file, but I wandered whether
> my setting is correct.
> Could you give me some help?
>
>
> Http.conf:
> <Location /H>
> DAV svn
> SVNParentPath /svn
> SVNListParentPath on
>
> # LDAP Authentication & Authorization is final; do not check other databases
> # AuthLDAPAuthoritative on
>
> # Do basic password authentication in the clear
> AuthType Basic
> AuthBasicProvider ldap
> # The name of the protected area or "realm"
> AuthName "UEFI Subversion Repository"
>
> # Active Directory requires an authenticating DN to access records
> # This is the DN used to bind to the directory service
> # This is an Active Directory user account
> AuthLDAPBindDN "CN=LDAP_RO,CN=USERS,DC=PHOENIX,DC=COM"
>
> # This is the password for the AuthLDAPBindDN user in Active Directory
> AuthLDAPBindPassword H3r3Buggy
>
> # The LDAP query URL
> # Format: scheme://host:port/basedn?attribute?scope?filter
> # The URL below will search for all objects recursively below the basedn
> # and validate against the sAMAccountName attribute
> AuthLDAPURL "ldap://134.122.1.67:389/ou=phoenix,dc=phoenix,dc=com?
> sAMAccountName?sub?(objectClass=*)"
>
> # Require authentication for this Location
> Require valid-user
>
> AuthzSVNAccessFile /usr/local/apache2/conf/authz
>
> </Location>
> authz:
> [aliases]
> # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/
> CN=Joe Average
> Victor_Gong = CN=Victor Gong,OU=Nanjing,OU=China,OU=Personnel,OU=People,OU=
> Phoenix,DC=phoenix,DC=com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-09-19 19:37:40 CEST

This is an archived mail posted to the Subversion Dev mailing list.