Re: SVN Security

From: Sofie <osofie_at_excite.com>
Date: 2006-04-14 21:11:13 CEST

See below -> I was tasked to configure Subversion on a Debian Testing server with> Apache with Windows XP Pro clients to access the repository with > file level ACLs.> The goal was a single repository with differing user groups > only seeing> those files within the repository they have rights to access. It's> desired that users can commit their changes back to the repository.> I'd seen references to LDAP providing 'fine-grained' access > control in> Subversion, but don't know how to implement it in a Subversion > context.>> I'd seen that WANdisco appears to implement that capability -> http://www.wandisco.com/php/benefits_administrators.phpYes, we use that capability in our deployment here. They support a notion of hiearchical groups. You can create an ACL based on a user or group pattern (full regular expressions). For example we have an over all Engr group divided into sub-groups ProductA,
ProductB..Within each Product group we have roles like - QA, Dev, Docs etc. Then we map users to specific roles or groups. Finally we can implement fine grained authroization policies (dir/file paths). They also have a privilege hiearchy, so I can say role X is allowed list access to specific files/dirs. See their docs for more info -http://www.wandisco.com/techpubs/svnmanual/node11.html#SECTION000111000000000000000Regards,

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
Received on Fri Apr 14 21:12:56 2006

This message: [ Message body ]
Next message: Paul D. Smith: "Re: linux client"
Previous message: Sean Hussey: "After 1.3 -> 1.3.1 server upgrade, commits hang."
Maybe in reply to: Timo Wendt: "SVN Security"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]