On Thu, Apr 29, 2010 at 11:53 AM, vishwajeet singh <dextrous85_at_gmail.com> wrote:
>
>
> On Thu, Apr 29, 2010 at 3:09 PM, Didier Trosset <didier_trosset_at_agilent.com>
> wrote:
>>
>> I have a subversion server running with apache. It authenticates users
>> using LDAP configuration and uses SVN path-based authorizations to limit
>> user access to certain repositories. This works perfectly.
>>
>> Now, I have a service I want to setup (rietveld, for code reviews) that
>> needs to have an anonymous access to the repository. As this is a web
>> service, accesses are always done from the same server. Thus I added an
>> apache configuration to allow accesses from this machine. without user
>> authentication.
>>
>> | <Limit GET PROPFIND OPTIONS REPORT>
>> Order allow,deny
>> Allow from # private IP address
>> Satisfy Any
>> </Limit>
>> |
>>
>> This did not work until I add an additional line "* = r" in the
>> authorization file to allow read access to all users.
>>
>> For instance, before I add the authorization from a specific IP, all users
>> were authenticated, and thus had a name. Now, some accesses are done without
>> a user name! I found the |"-|" user name in the apache log files, but the
>> line "|- = r"| does not work, neither do |"anonymous = r"|. I'd like not to
>> allow read access to everyone in SVN authorization. How can I do this?
>>
>> (More details in stackoverflow question
>> http://stackoverflow.com/questions/2728021/how-to-allow-unamed-user-in-svn-authz-file
>
> IMHO there is no way to do it other than creating a dummy user and giving it
> access to all repositories in authorization file as we had similar issues
> integrating Subversion repositories with JIRA.
You can do this if you set up a separate Location block (referring to
the same svn repo) for this anonymous access. Then they can each have
their own authz file (or no authz file if it's not needed). I don't
see another way.
We do something like that:
<Location /svn>
DAV svn
SVNPath /path/to/repos
... auth & possible authz stuff
</Location>
<Location /svn_anon>
DAV svn
SVNPath /path/to/repos
... auth & authz stuff, Limit, ... for anonymous access within
certain limits
</Location>
Cheers,
--
Johan
Received on 2010-04-29 12:42:20 CEST