[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: AuthzSVN behavior different between browser and svn client

From: Guido Anzuoni <guido.anzuoni_at_kyneste.com>
Date: 2005-01-10 09:00:11 CET

Hi,
in your httpd.conf you have the
Require valid-user
directive that triggers user authentication.

For mixed repo access I have define multiple location directives in the following way:

<...snip...>

SetEnvIf User-Agent (.*)SVN(.*) svnagent

<Location /svn>

   DAV svn
   SVNParentPath E:/SVNROOT/repositories

   AuthzSVNAccessFile E:/SVNROOT/config/security/svn-http-authz.txt
   
AuthType SSPI

SSPIAuth On
SSPIAuthoritative On
SSPIDomain mydomain
SSPIOfferBasic On
   

        Deny from all
      allow from env=svnagent
           Require valid-user
        Satisfy all

</Location>

<Location /svndav>

   DAV svn
   SVNParentPath E:/SVNROOT/repositories

   AuthzSVNAccessFile E:/SVNROOT/config/security/svn-http-authz.txt
   
   <LimitExcept GET PROPFIND OPTIONS REPORT>
        Deny from all
   </LimitExcept>
</Location>

<...snip...>

I use /svn uri to access repo via svn clients (mainly TSVN) while I let repo access via web folder (DAV) using
svndav.
(Maybe, with a little work, it is possible to collapse the two locations too).

I cannot help you for https, I am sorry.

Guido.

> -----Original Message-----
> From: Martin J. Stumpf [mailto:mjs@jhu.edu]
> Sent: Friday, January 07, 2005 10:43 PM
> To: users@subversion.tigris.org
> Subject: AuthzSVN behavior different between browser and svn client
>
>
> (Sorry for the repost, I replied and changed the subject in the first
> one. Lesson learned)
>
> Hi,
> I am trying to get the AuthzSVN working and am having
> trouble. Given the
> directives below, I should not be prompted for a password according to
> the RedBook because my authorizations file has the anonymous entry in
> it. Using the svn client I am asked to accept the ssl certificate and
> then correctly granted entry. Using a browser howerver and going to
> location /svn I am prompted for a password. Is this a problem with the
> DAVsvn?
>
> I want to implement mixed repo access and this is just stage 1.
>
> Also, the SSLRequireSSL does not seem to work here. I can use standard
> http with no problems for both the svn client and browser
> based access.
> I don't want plain text passwords and digest is still
> experimental so I
> was hoping that SSL would work. Has anyone got a similar
> setup to work?
>
> (FC2 and subversion 1.1.1)
>
> Thanks
> -Martin
>
> <Location /svn>
> DAV svn
> SVNParentPath /mip/svn
> SVNIndexXSLT /svnindex.xsl
> # Authentication
> SSLRequireSSL
> Require valid-user
> Satisfy Any
> AuthType Basic
> AuthName "MIP SVN Repositories"
> AuthUserFile /mip/svn/users
> # Authorization
> AuthzSVNAccessFile /mip/svn/authorizations
> </Location>
>
> Here is the authorizations file
> #
> # This file contains the authorizations for the repositories
> #
>
> [/]
> * = r
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Jan 10 09:03:35 2005

This is an archived mail posted to the Subversion Users mailing list.