Re: restricting sub-directory permissions

From: Gabriel Ricardo <gabriel.ricardo_at_gmail.com>
Date: Mon, 21 Dec 2009 15:23:26 -0800

Hi Jon,
The link you sent was helpful and the final workaround mentioned in
the article seems to work, except one thing...
There seems to be a security hole, which is that web-browsing of the
restricted sub-directory is still possible using the anonymous-open
URL. Thus, the solution does not seem to be feasible. I'll follow up
by commenting directly on the author's article, but if anyone has any
other suggestions, it would be greatly appreciated.

Thanks,

On Sun, Dec 20, 2009 at 10:36 PM, Gabriel Ricardo
<gabriel.ricardo_at_gmail.com> wrote:
> Thanks for all the responses.   I tried all of the suggestions, but
> unfortunately none of them worked.  I also downloaded and installed
> subversion 1.6.5, along with apache 2.2.14 to see if maybe I needed
> more recent versions.  I still have the same strange behavior, where
> either the sub-directory appears to users as if it does not exist, or
> all users can access it.  Very frustrating.  Seems like this is an
> area of subversion functionality that would greatly benefit from some
> more documentation, or some subversion developers troubleshooting why
> this breaks down for so many users.
>
>
>
> On Thu, Dec 17, 2009 at 3:08 AM, Jon Foster <Jon.Foster_at_cabot.co.uk> wrote:
>> Hi,
>>
>> Gabriel Ricardo wrote:
>>> I cannot figure out how to restrict permissions on a sub-directory.
>>> What I want is to have anonymous read/write access to everything
>>> except a sub-directory, where only two users have read/write and
>>> everyone else has no access (read or write).  I've done a lot of
>>
>> This looks relevant:
>>
>> http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html
>>>> Since anonymous users can checkout the tree, Apache never bothers
>>>> to query you for authentication credentials. And you can't force
>>>> Subversion to transmit authentication credentials when Apache
>>>> hasn't asked for them.
>>
>> There are workarounds documented in the blog post.
>>
>> Kind regards,
>>
>> Jon
>>
>>
>
Received on 2009-12-22 00:24:05 CET

This is an archived mail posted to the Subversion Users mailing list.