[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: authz_svn_module

From: Francois Beausoleil <fbos_at_users.sourceforge.net>
Date: 2004-03-05 20:16:55 CET

On Fri, 5 Mar 2004 11:11:15 -0800, "Seth Falcon" <sfalcon@fhcrc.org>
said:
> On Fri, Mar 05, 2004 at 10:20:07AM -0600, Ben Collins-Sussman wrote:
> > In other words, Apache isn't able to restrict access on paths *within*
> > an svn repository: it can only restrict access on the repository as a
> > whole. That's why we wrote mod_authz_svn.
>
> I'm confused by the above statement. It was a few months ago that I was
> experimenting with Apache, svn, and access control, but I recall being
> able to limit access to particular subdirs of a given repository using
> Apache's LocationMatch directive along with BasicAuth primitives.

What Ben's saying here is that LocationMatch can protect the "public"
part of the repository:
http://xxx/repos/project/trunk

But ! Internally, all URLs are rewritten to something like the
following, when Subversion operations occur on the repository:
http://xxx/repos/!svn/n0192/

So, while access *looks like* it's protected, in fact it's not.

Hope that helps !
François
Developer of Java Gui Builder
http://jgb.sourceforge.net/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Mar 5 20:18:24 2004

This is an archived mail posted to the Subversion Users mailing list.