RE: SVN Security

From: steven.higgan <steven.higgan_at_orcon.net.nz>
Date: 2005-07-18 02:07:19 CEST

Yes the apache thing is a bit of a stinker, for a lot of dev-shops it is a
'no-go' for svn. The only thing that will ever change that is somebody
familiar with the internals of IIS and SVN to write an IIS DAV_SVN isapi?
layer.

To answer your question, iis and apache will work fine together. Here is
what I do.

Apache and IIS6 are installed on my public server port 80 (public) & 8080
(private) respectively, Apache is the 'front server' it is setup to run svn,
trac, awstats and 'reverse-proxy' to my IIS server which handles all the
stuff I do to get paid.

The one and only reason apache is the public server is because the windows
version of 'reverse proxy' costs a stupid amount of money, otherwise it
would have been IIS proxying to Apache.

I have been using this configuration for about a year and a half with no
issues, however in the next month or so I will be shifting to dropping
apache (trac, awstats with it) and migrating to svn-ssh and other 'tools
that actually work' on IIS

As for the requirement for 'decent security', im surprised that you haven’t
been told to RTFM because its all in there.

-----------------------------------------------------
Steven H

-----Original Message-----
From: Calvin [mailto:szguoxz@hotmail.com]
Sent: Sunday, 17 July 2005 12:23 a.m.
To: 'John'; users@subversion.tigris.org
Subject: RE: SVN Security

Yea, the only problem is Apache. I've already have IIS on my server, not
sure they can live together or not. I want to use SVN, so I can learn. But
SVN forces me to learn Apache, which I don't think I am going to use it in
any other way but SVN, kindof a waste.

If SVN server can provide decent security configuration, it will be a killer
app.

-----Original Message-----
From: news [mailto:news@sea.gmane.org] On Behalf Of John
Sent: Saturday, July 16, 2005 5:23 AM
To: users@subversion.tigris.org
Subject: Re: SVN Security

Calvin <szguoxz <at> hotmail.com> writes:

> Well, The per-directory security is just too difficult to understand and
> implement.
>
> Any plan to implement security feature in SubVersion in future?

I've been using SVN on win32 for about 18 months. The security features are
easy
to understand:

========
[/trunk]
john = rw
calvin = r
========

How difficult can that be?? Hopefully in time these permissions will be
embedded
in the repos itself, and will be enforced through all connection types.

The requirement for Apache on a windows box is less ideal when you are
running
IIS, but you'll grow to love Apache, and its easy configuration. It has a
proper
configuration file instead of loads of junk in the registry!!

Transparent config files are something Microsoft is (sloooowwwly!)
rediscovering
with .NET etc. Given a decade IIS will probably work much like Apache does
now... only it will take up 4 times the memory ;)

John

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

-- 
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.9.0/50 - Release Date: 16/07/2005
 
-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.9.0/50 - Release Date: 16/07/2005
 
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Mon Jul 18 02:08:57 2005

This message: [ Message body ]
Next message: Calvin: "SVN scripting"
Previous message: Travis Spencer: "Re: Exporting a svn repo via HTTP using only htaccess"
In reply to: Calvin: "RE: SVN Security"
Next in thread: Calvin: "SVN scripting"
Reply: Calvin: "SVN scripting"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]