mod_authz_svn authorization configuration - strange behaviour!

From: Marc Lustig <ml_at_marclustig.com>
Date: Wed, 8 Jul 2009 15:14:54 +0200

Hi all,

we are struggling here with extremely strange behaviour of the
mod_authz_svn module.
The behaviour is anything but not according to the contract (SVN red-book).

The svn_access_file looks like this:

group = abc

[/]
* = r

[/project]
@group = rw
* = r

And now, believe it or not, one can commit to /project WITHOUT giving
any credentials !!!

The apache-config has the following options:
<Location /repo >
  DAV svn
  SVNIndexXSLT "/svnindex.xsl"
  SVNPath /var/svn/repositories/ifa
  Satisfy Any
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /var/svn/repositories/repo/conf/svnusers
  Require valid-user
  AuthzSVNAccessFile /var/svn/repositories/ifa/conf/svn_access_file
  AuthzSVNNoAuthWhenAnonymousAllowed On
  AuthzSVNAuthoritative Off
</Location>

What is going on here?
Did I get something wrong?
(I also turned on apache debug mode, but that did not give any info
what is going on behind the scenes of mod_authz_svn.

Is there some really good (that means, normal) tutorial or
documentation existing?

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2369098

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-07-08 23:24:44 CEST

This message: [ Message body ]
Next message: Vincent Lefevre: "Re: Confirmation of an svnadmin dump and load"
Previous message: Ryan Schmidt: "Re: revision mismatch server - working copy"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]