[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: please help about SVN authentication

From: Erik Andersson <kirean_at_gmail.com>
Date: Wed, 1 Sep 2010 08:11:07 +0200

2010/9/1 alinagra <alinagra_at_163.com>

> Hi, buddies,
>
> I have setup a SVN server and I use SASL authentication. But right now I
> have a authz question:
> I can create tags with accont TIM, but when I try to create a tag with the
> account not jim, it reports "access denied" error.
>
Where do you create tags?

> Does anyone know why? Thanks in advance
>
> Here is my authz file:
> ### This file is an example authorization file for svnserve.
> ### Its format is identical to that of mod_authz_svn authorization
> ### files.
> ### As shown below each section defines authorizations for the path and
> ### (optional) repository specified by the section name.
> ### The authorizations follow. An authorization line can refer to:
> ### - a single user,
> ### - a group of users defined in a special [groups] section,
> ### - an alias defined in a special [aliases] section,
> ### - all authenticated users, using the '$authenticated' token,
> ### - only anonymous users, using the '$anonymous' token,
> ### - anyone, using the '*' wildcard.
> ###
> ### A match can be inverted by prefixing the rule with '~'. Rules can
> ### grant read ('r') access, read-write ('rw') access, or no access
> ### ('').
>
> [groups]
> # harry_and_sally = harry,sally
> aa = TIM
>
> [test:/]
> * = rw
>
> [test:/trunk/access]
> @aa = rw
> * =

>
>
>
> and here is the svnserve.conf:
> ### This file controls the configuration of the svnserve daemon, if you
> ### use it to allow access to this repository. (If you only allow
> ### access through http: and/or file: URLs, then this file is
> ### irrelevant.)
>
> ### Visit http://subversion.tigris.org/ for more information.
>
> [general]
> ### These options control access to the repository for unauthenticated
> ### and authenticated users. Valid values are "write", "read",
> ### and "none". The sample settings below are the defaults.
> anon-access = none
> auth-access = write
> ### The password-db option controls the location of the password
> ### database file. Unless you specify a path starting with a /,
> ### the file's location is relative to the directory containing
> ### this configuration file.
> ### If SASL is enabled (see below), this file will NOT be used.
> ### Uncomment the line below to use the default password file.
> #password-db = passwd
> ### The authz-db option controls the location of the authorization
> ### rules for path-based access control. Unless you specify a path
> ### starting with a /, the file's location is relative to the the
> ### directory containing this file. If you don't specify an
> ### authz-db, no path-based access control is done.
> ### Uncomment the line below to use the default authorization file.
> authz-db = authz
> ### This option specifies the authentication realm of the repository.
> ### If two repositories have the same authentication realm, they should
> ### have the same password database, and vice versa. The default realm
> ### is repository's uuid.
> realm = dreamlink
>
> [sasl]
> ### This option specifies whether you want to use the Cyrus SASL
> ### library for authentication. Default is false.
> ### This section will be ignored if svnserve is not built with Cyrus
> ### SASL support; to check, run 'svnserve --version' and look for a line
> ### reading 'Cyrus SASL authentication is available.'
> use-sasl = true
> ### These options specify the desired strength of the security layer
> ### that you want SASL to provide. 0 means no encryption, 1 means
> ### integrity-checking only, values larger than 1 are correlated
> ### to the effective key length for encryption (e.g. 128 means 128-bit
> ### encryption). The values below are the defaults.
> min-encryption = 128
> max-encryption = 256
>
>
> ------------------------------
> 您想拥有和网易免费邮箱一样强大的软件吗? <http://qiye.163.com/?163>
Received on 2010-09-01 08:12:53 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.