Re: AuthLDAP + AuthzSVNAccessFile

From: ossi petz <ossipetz_at_hallo.ms>
Date: 2007-07-20 12:16:17 CEST

hallo

indeed. but once you see both apache and subversion as two seperate
modules it may become clearer:

if AuthSth + Require valid-user fails, apache will send you a
unauthorized response. subversion specific settings do not come into
play at all. so case one seems ok.

if require user somone fails i dont get the point of anonymous access too.

i remember there was a section on anonymous access in the subversion
manual. since apache can use mutliple auth methods (ldap, basic, pam)
and ldap auth is not authoritative (something like that) apache may
continues to try to authenticate

but the book should give an example somewhere?

and yes: apache auth sometimes gives some riddles from time to time :)

Manuel Vacelet schrieb:
> Actually I still have a question.
>
> If the apache authentication faild with "AuthSth + Require valid-user"
> I'm not allowed to see the content of the repository.
> but if it's "AuthSth + Require user someone", there is an anonymous
> access and I can read the content of the repository even if I'm not
> "someone".
>
> That seems a strange logic for me...
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 20 12:15:51 2007

This message: [ Message body ]
Next message: janaka priyadarshana: "Fwd: how to set proxy settings"
Previous message: Erik Huelsmann: "Re: how to set proxy settings"
In reply to: Manuel Vacelet: "Re: AuthLDAP + AuthzSVNAccessFile"
Next in thread: Manuel Vacelet: "Re: AuthLDAP + AuthzSVNAccessFile"
Reply: Manuel Vacelet: "Re: AuthLDAP + AuthzSVNAccessFile"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]