[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

non-svn authz best practice

From: Peter Karman <peter_at_peknet.com>
Date: Tue, 11 Mar 2008 09:55:02 -0500


First, a big thanks to all the svn devs. I have used the tool for years and Can't Live
Without It[tm].

Second, my organization is on the brink of implementing a large scale svn hosting project.
We'd like to use LDAP for both auth and authz. A trip through the mail archives this
morning tells me that there have been several threads started and aborted over the last
couple years about defining project requirements for non-svn-based authz, including a
patch to mod_authz_svn.c.[0]

The svn book suggests that a start-commit hook is the ideal place to do auth/authz checks.
I am writing today to ask

(a) is there any movement afoot to implement non-svn authz, esp LDAP-based authz, and
(b) is the start-commit hook still the recommended way to implement authz aside from the
already-existing mod_authz_svn, and if so
(c) is it recommended to set SVNPathAuthz off in mod_dav_svn config if using start-commit
to do authz?


[0] http://svn.haxx.se/dev/archive-2006-07/0966.shtml

Peter Karman  .  peter@peknet.com  .  http://peknet.com/
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-03-11 15:55:25 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.