[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: No authentication for localhost, basic authentication for others.

From: Frank Gruman <fgatwork_at_verizon.net>
Date: 2006-04-07 17:10:19 CEST

Russ wrote:
> Can you tell the users to use file access method when they are on localhost? Then you'll just have to set up appropriate permissions.
>
> Sent wirelessly via BlackBerry from T-Mobile.
>
> -----Original Message-----
> From: Frank Gruman <fgatwork@verizon.net>
> Date: Fri, 07 Apr 2006 08:24:39
> To:Greg Martyn <greg.martyn@gmail.com>
> Cc:users@subversion.tigris.org
> Subject:
> Re: No authentication for localhost, basic authentication for others.
>
> Greg Martyn wrote:
>
>> I haven't received an answer to my question.. does anyone know the
>> right place to ask?
>>
>> The original question:
>> -----------------------------------------
>> I'm trying to require users to authenticate against a passwd file
>> unless they are from localhost (or 192.168.0.113). I have no problem
>> with users from localhost doing whatever they want to the files in
>> svn.
>>
>> With the AuthzSVNAccessFile line commented out, everyone gets in
>> without getting asked to login. With it uncommented, everyone has to
>> authenticate (even from localhost). How can I get it to ask for a
>> password when not from localhost and not ask for a password when from
>> localhost?
>>
>> Thanks,
>> Greg Martyn
>> - Hide quoted text -
>>
>>
>> <Location /svn>
>> DAV svn
>> SVNParentPath /var/www/SVNRepositories
>>
>> ModMimeUsePathInfo On
>> SVNAutoversioning On
>>
>> # Require SSL connection for password protection.
>> SSLRequireSSL
>>
>> # our access control policy
>> #AuthzSVNAccessFile /etc/httpd/conf.d/svnaccess
>>
>> AuthType Basic
>> AuthName "Subversion repository"
>> AuthUserFile /etc/httpd/conf.d/svnpasswd
>>
>>
>> Require valid-user
>> Allow from 192.168.0.113 127.0.0.1
>> Satisfy Any
>> </Location>
>>
>>
> I see your problem...
>
> Drop an Order line in ahead of your Require statement. This will have
> the effect of denying all users except the ones explicitly configured
> below it. By default somewhere higher up you Apache configuration,
> users are set to be allowed by default (typically at the actual root of
> the web server).
>
> Add this line ahead of your Require -
> Order allow,deny
>
> Let me know how it goes...
>
> Regards,
> Frank
>
 Perhaps you meant to send this to the Users list??

I would be much more inclined to add the solution I proposed as it keeps
access simple. Don't make users try to remember which
computer/workstation they are on and which access rules to follow
where. Let the machine take care of it...

Regards,
Frank
Received on Fri Apr 7 17:13:23 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.