[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Apache setup, user access

From: Ryan Ernst <rernst-lists_at_warflame.ca>
Date: 2005-09-17 23:09:40 CEST

Dave Pawson wrote:
> I'm getting confused with <Limit ...> and <LimitExcept ...>
>
> http://httpd.apache.org/docs/1.3/mod/core.html#limit
>
> The purpose of the <Limit> directive is to restrict the effect of the
> access controls to the nominated HTTP methods.
>
> So if I have
> <Limit POST PUT >
> Require valid-user
> </Limit>
>
> Then the users in the passwd file will be able to PUT and POST
>
> With LimitExcept, I'm less clear.
> <LimitExcept> and </LimitExcept> are used to enclose a group of access
> control directives which will then apply to any HTTP access method not
> listed in the argument
>
> So <LimitExept GET>
> Require valid-user
>
> will ... what? require a recognised user for everything except GET?
>
>
> I'm trying to set up a Subversion repository which has
> password protected read access, and no other access.

If you want to do it that way, you'd use both.

<LimitExcept GET>
# No access except by get
Order deny,allow
Deny from all
</LimitExcept>

<Limit GET>
# Want to protect GET access
Require valid-user
# password stuff
</Limit>

-- 
Ryan Ernst
Photos: http://warflame.ca/gallery
Blog  : http://shadowlife.warflame.ca
"Look like the innocent flower, but be the serpent under 't."
    - Shakespeare, Macbeth
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Sep 17 23:11:31 2005

This is an archived mail posted to the Subversion Users mailing list.