[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN Security

From: Sofie <osofie_at_excite.com>
Date: 2006-04-14 21:11:13 CEST

  See below -> I was tasked to configure Subversion on a Debian Testing server with> Apache with Windows XP Pro clients to access the repository with > file level ACLs.> The goal was a single repository with differing user groups > only seeing> those files within the repository they have rights to access. It's> desired that users can commit their changes back to the repository.> I'd seen references to LDAP providing 'fine-grained' access > control in> Subversion, but don't know how to implement it in a Subversion > context.>> I'd seen that WANdisco appears to implement that capability -> http://www.wandisco.com/php/benefits_administrators.phpYes, we use that capability in our deployment here. They support a notion of hiearchical groups. You can create an ACL based on a user or group pattern (full regular expressions). For example we have an over all Engr group divided into sub-groups ProductA,
ProductB..Within each Product group we have roles like - QA, Dev, Docs etc. Then we map users to specific roles or groups. Finally we can implement fine grained authroization policies (dir/file paths). They also have a privilege hiearchy, so I can say role X is allowed list access to specific files/dirs. See their docs for more info -http://www.wandisco.com/techpubs/svnmanual/node11.html#SECTION000111000000000000000Regards,

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
Received on Fri Apr 14 21:12:56 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.