SASL and path-based Authorization

From: <schmidt_at_isf.rwth-aachen.de>
Date: Wed, 04 Feb 2009 15:15:31 +0100

Hello,

I'm trying to set up a Subversion-Server on a Debian Linux system. In my
repository there are some folders that should only be changed by one
group.
I'm using SASL for authentication and encryption but if I comment in the
authz-db line in svnserve.conf I cant commit anything anymore.

Here my conf-files:

svnserve.conf:
[general]
anon-access = none
auth-access = write
#password-db = passdb
authz-db = authzdb
realm = MyRealm

[sasl]
use-sasl = true
min-encryption = 128
max-encryption = 256

authzdb:
[groups]
main = ans
head = art

[/var/myrepository]
* =
@main = rw
@head = rw

[/var/myrepository/folder1]
* =
@main = r
@head = rw

The user ans and art are in the sasldb-File for the realm MyRealm and if I
comment out "authz-db" it works properly but without restrictions on
different paths...

(I've also tried to use the username in the autzdb but it doesn't work
either...)

So, can I use path-based authorization with SASL-user-management, or is it
impossible? And if it works, how?

Thank you very much.

With best regards,
Andre Schmidt

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1102374

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-02-04 15:18:51 CET

This message: [ Message body ]
Next message: Geir Engebakken: "Partial update possible?"
Previous message: Ilan Yaniv: "HTTP and HTTPS"
Next in thread: Geir Engebakken: "Partial update possible?"
Reply: Geir Engebakken: "Partial update possible?"
Reply: Andre Schmidt: "RE: SASL and path-based Authorization"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]