[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Kerberos + basic auth with Apache (path based)

From: Daniel Klaffenbach <danielklaffenbach_at_gmail.com>
Date: Wed, 8 Apr 2009 18:28:49 +0200

Hello,

2009/4/8 Alec Kloss <alec.kloss_at_oracle.com>:
> Your question, "how do I get Apache to use multiple authentication
> modules?", is more of an Apache+mod_auth_kerb question than a
> Subversion question.  I've not found a satisfactory answer for
> Apache 2.2 + mod_auth_kerb so I've pieced together my own patches
> to Apache 2.2.9 and mod_auth_kerb 5.3 which can do this.  YMMV.
OK, thanks for that. The reason why I am still using subversion 1.4 is
that I only want to use the software packages that our distributor
(RedHat) ships. Before I start hacking any source code I am going to
try mod_python as described here: http://www.thoughtspark.org/node/25
And mod_auth_kerb also supports fallback mechanisms with
"KrbAuthoritative off".

But let's assume that I only want to use mod_auth_kerb for now. I
still cannot figure out how to tell apache to honour the conf/authz
for EACH project. I do not want to add all the paths to the different
authz files to my apache config as svn projects are being created
automatically.
If I set "require valid-user" then the admins of each repo should
still be able to limit access to their repositories. How would I do
that? It seems like wildcards do not work (like "AuthzSVNAccessFile
/var/www/svn/*/conf/authz").

Thanks,
Daniel Klaffenbahch

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1598759

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-08 18:29:40 CEST

This is an archived mail posted to the Subversion Users mailing list.