Scott Lawrence wrote:
> On Wed, 2004-05-05 at 13:49, Robin Becker wrote:
>
......
> My understanding is that those are two different things -
> authz_svn_module & AuthzSVNAccessFile are access control _inside_ svn
> itself.
>
The example seems to imply something else eg
"In this setup, all users start out accessing the repository anonymously. If
your access control policy demands a real username at any point,Apache will
demand authentication from the client. To do this, you use both the Satisfy Any
and Require valid-user directives together."
<Location /repos>
DAV svn
SVNParentPath /usr/local/svn
# our access control policy
AuthzSVNAccessFile /path/to/access/file
# try anonymous access first, resort to real
# authentication if necessary.
Satisfy Any
Require valid-user
# how to authenticate a user
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /path/to/users/file
</Location>
My understanding was that Require valid-user is skipped initially and then
mod_dav_svn eventually needs a user name presumably because of the
AuthzSVNAccessFile specification. Then a valid user is requested. I'll have to
exeperiment to test if that's not the case.
> AuthGroupFile is implemented in mod_access in Apache.
>
>
>>Secondly is there any way to control access within a repository using apache
>>Location & Rewrite?
>
>
> Yes, I do all the access control in apache using http authentication.
> This means that the only (write) access to the repository has to be
> through http - no svnserve, no file access (we actually do some
> read-only access on the server itself through file access, but _never_
> write access). I'd be happy to post examples...
>
That would be great; my understanding of Rewrite is poor. I have a suspicion
that RewriteBase is involved in the sort of things I might need to do.
--
Robin Becker
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed May 5 20:24:10 2004