[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

AuthzSVNAccessFile and single read-only user.

From: Bogdan B. Rudas <bogdan.rudas_at_nivalnetwork.com>
Date: Tue, 23 Jun 2009 19:43:26 +0300

Hello!
I have set of repos under Apache 2.2 https server with SVN 1.5.1
I use LDAP authentification to for users.
I would like to limit one special user to read-only access, we use this user for automated checkout.
I try with config:

[/]
rouser = r
* = rw

But "rouser" still have write access to repos. Changing order of lines did no solve a problem.
"rouser" is member of corresponding LDAP groups.

I get working configuration with something like this:

[/]
touser = r
user1 = rw
user2 = rw
....

But I would like to control access mostly via LDAP, so I need '* = rw' or something similar.

Here is part of apache vhost configuration.

<Location />
        AuthBasicProvider ldap
        AuthType Basic
        AuthName "Use your AD account"
        AuthLDAPBindDN ".................."
        AuthLDAPBindPassword "....."
        AuthLDAPURL "................?sAMAccountName?sub?(objectClass=user)"
        AuthzLDAPAuthoritative on
        AuthzSVNAccessFile /var/svn/svnaccess.conf
</Location>

<Location /com>
  DAV svn
  SVNPath /var/svn/com/
  satisfy all
  require valid-user
  require ldap-group CN=SVN_Com,OU=SVN,........
</Location>

<Location /ticket.system>
  DAV svn
  SVNPath /var/svn/ticket.system/
  satisfy all
  require valid-user
  require ldap-group CN=TicketSystem,OU=SVN.........
</Location>

How can I implement r/o access for single authentificated user ?

-- 
Bogdan Rudas
System Administrator
Nival Network
bogdan.rudas_at_nivalnetwork.com
23, Matusevicha st., office 103, 
Minsk, Belarus,
Tel: +375 17 2538272
http://www.nivalnetwork.com
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2364547
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-06-23 18:50:17 CEST

This is an archived mail posted to the Subversion Users mailing list.