[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Does Path based authorization exist using SVN 1.30 & Apache 2.0.55 with an Authz style permissions file?

From: Edward Bosco <ebosco_at_prologic-inc.com>
Date: 2006-04-04 19:40:01 CEST

-----Original Message-----
From: Andy Levy [mailto:andy.levy@gmail.com]
Sent: Tuesday, April 04, 2006 11:31 AM
To: Edward Bosco
Cc: users@subversion.tigris.org
Subject: Re: Does Path based authorization exist using SVN 1.30 & Apache
2.0.55 with an Authz style permissions file?

 

On 4/4/06, Edward Bosco <ebosco@prologic-inc.com> wrote:

> Wanted to verify I'm trying a doable task. I noticed the 1.3.0
changelog

-snip-

> mixed openLDAP / Authz authorization.

 

It was noted in the 1.3 release notes because it was a new feature for

svnserve with 1.3. Path-based authorization made its first appearance

in Apache-served repositories in a much earlier version (and thus

wasn't release notes-worthy at 1.3).

 

If you can provide more details about any errors you're getting

serving via Apache, the list can probable help you resolve it.

 

== Symptoms ==

 

No authorization control via the dav_svn.authz file

No obvious to me pattern in the ssl_error_log or ssl_request_log or
ssl_access_log

I want to prevent access by users ebosco or test1 to the /sim
subdirectory within the testrepo repository.

I then want to prevent access to particular files within that
subdirectory by other users.

 

== Setup ==

Debian Sarge testing with Apache 2.0.55, svn 1.3.0 pulled from unstable
(note I got the same symptoms under svn 1.2.3)

 

There are three repositories at the svn root. One of these is a
testrepo.

 

== The dav_svn.authz file looks like:

 

[Repo1:/]

* = rw

 

[Repo2:/]

* = rw

 

[testrepo:/]

* = rw

 

[testrepo:/sim]

ebosco =

test1 =

 

== The dav_svn.conf file looks like:

 

<Location /svn>

 DAV svn

 SVNParentPath /var/repos/repositories

 AuthType Basic

 AuthName "Test Repository"

 AuthLDAPBindDN test@protest.com

 AuthLDAPBindPassword test

 AuthLDAPURL ldaps://vast.protest.com ...

 AuthLDAPAuthoritative ON

 AuthAuthoritative off

 AuthUserFile /etc/apache2/users

 Require valid-user

 AuthSVNAccessFile /etc/apache2/dav_svn.authz

 

 </Location>

== More info if useful - and Thanks.

 
Received on Tue Apr 4 19:43:28 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.