Hi all,
I am looking at moving my Apache server to 2.2 to keep up with some of
our other web servers on other products. One of the big reasons for
this is the massive change in authentication/authorization, and our
administration process tries to keep things as close in version as
possible (we have products getting ready to roll out the door on 2.2).
I have looked, and cannot find a working PAM module that takes care of
what I had in 2.0.x. So I am looking at and testing
mod_authnz_external. This links to my PAM configuration. My users all
authenticate to an Active Directory structure, and for various other
reasons I have had to implement Winbind/PAM rather than LDAP.
So the problem - I can get the external authorization to work, but the
system seems to ignore the AuthzSVNAccessFile for path browsing. There
are no errors reported. It's as if the system is just ignoring my svn
access file. Basically - anyone who can authenticate (3000+ employees
of the company) could access the repository because it is not adhering
to the rules in the auth file. The file is readable by the apache user
(wwwrun).
I have attached a copy of my Apache configuration and auth file.
Any help would be appreciated.
Regards,
Frank
<Location /code>
DAV svn
SVNParentPath /code_repos
SVNIndexXSLT /svnindex.xsl
SVNListParentPath on
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
AuthName "Micros Code Repository"
AuthzSVNAccessFile /code_repos/access.list
satisfy all
require valid-user
</Location>
[groups]
sysadmin = fgruman
myreposdevs = empty
myreposmgr = empty
myreposadmin = empty
[myrepos:/]
@myreposdevs = rw
@myreposmgr = rw
@myreposadmin = rw
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed May 17 01:09:31 2006