Thanks, Garrett - It does as you say - I had, I believe, version errors;
rough procedure to cure below.
-----Original Message-----
From: rooneg@gmail.com [mailto:rooneg@gmail.com] On Behalf Of Garrett
Rooney
Sent: Wednesday, May 10, 2006 2:13 PM
To: Edward Bosco
Cc: users@subversion.tigris.org
Subject: Re: Does https / SSL with mod_authz_svn & Basic Authentication
work?
On 5/10/06, Edward Bosco <ebosco@prologic-inc.com> wrote:
> Garrett -
>
> I've implemented directory and file access control authorization under
> http, with the standard subversion tools under Apache 2.0 and SVN
1.3.1
> via paths and users defined in an AuthzSVNAccessFile.
>
> Basic authentication with users and passwords is defined via htpasswd
> and a users' file.
>
> I've not yet been able to do that using SSL encryption and the https
> protocol.
>
> Is this possible under https? I'll get a challenge on initially
entering
> the website, but no further challenges as I traverse the protected SVN
> directory tree.
There shouldn't be any reason you can't make that work over https. In
fact there should be several examples of similar things in the docs.
-garrett
==
Appreciate the reply, Garrett.
Got it working this afternoon under Windows and Win32. I was able to
demonstrate per-file and per-directory Access Control via a
AuthzSVNAccessFile list under both http and https websites.
The key change was to use all the latest versions of Apache2 - 2.0.58,
Openssl_0.9.8b and SVN 1.3.1.
I got errors on startup with Apache 2.0.55 and openssl_0.9.7a on adding
the Subversion 1.3.1 Apache modules. The errors were expressed as
"..corrupted modules" at Apache startup time. I could get both http and
https operation with Apache, but no subversion support.
The method was installing a regular non-SSL version of Apache 2.0.58 on
the Windows XP Pro machine. I verified it could webserve, stopped
Apache, and then added https / SSL support. The site
http://hunter.campbus.com/ has an Apache zip file with SSL support
compiled in.
Apache_2.0.58-Openssl_0.9.8b-win32.zip
The zip file is unzipped in a separate directory, and the binaries and
libs are overlaid on the original Apache 2.0.58. The httpd.conf and
ssl.conf files had minor changes required. I then verified good http and
https operation, and then added in the subversion Apache modules, and
the /svn directory.
A good HowTo can be found at Raible's Wiki: ApacheSSL
http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL
==
I'm going to update my Debian Testing server in a similar fashion - I
still have 2.0.55 Apache running, with 1.3.1-2 subversion. I'm hoping
that will provide ACL for the Debian side as well.
Thanks,
Ed.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu May 11 00:09:51 2006