[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: please help about SVN authentication

From: Erik Andersson <kirean_at_gmail.com>
Date: Wed, 1 Sep 2010 11:36:29 +0200

2010/9/1 alinagra <alinagra_at_163.com>

> Here is the repo arch:
>
> /trunk
> ----/folder a
> ----/folder b
> ----/folder c
> ----/access
>
> /tag
>
> I think this is the most common case, and it seems if one doesn't have
> access right, he can not create a tag for /trunk.
> or is there something wrong with my configuration?

Are you using the SVNParentPath or SVNPath directive?
Can you show us your Subversion section for Apache?

>
> At 2010-09-01 14:11:07,"Erik Andersson" <kirean_at_gmail.com> wrote:
>
>
>
> 2010/9/1 alinagra <alinagra_at_163.com>
>
>> Hi, buddies,
>>
>> I have setup a SVN server and I use SASL authentication. But right now I
>> have a authz question:
>> I can create tags with accont TIM, but when I try to create a tag with the
>> account not jim, it reports "access denied" error.
>>
> Where do you create tags?
>
>> Does anyone know why? Thanks in advance
>>
>> Here is my authz file:
>> ### This file is an example authorization file for svnserve.
>> ### Its format is identical to that of mod_authz_svn authorization
>> ### files.
>> ### As shown below each section defines authorizations for the path and
>> ### (optional) repository specified by the section name.
>> ### The authorizations follow. An authorization line can refer to:
>> ### - a single user,
>> ### - a group of users defined in a special [groups] section,
>> ### - an alias defined in a special [aliases] section,
>> ### - all authenticated users, using the '$authenticated' token,
>> ### - only anonymous users, using the '$anonymous' token,
>> ### - anyone, using the '*' wildcard.
>> ###
>> ### A match can be inverted by prefixing the rule with '~'. Rules can
>> ### grant read ('r') access, read-write ('rw') access, or no access
>> ### ('').
>>
>> [groups]
>> # harry_and_sally = harry,sally
>> aa = TIM
>>
>> [test:/]
>> * = rw
>>
>> [test:/trunk/access]
>> @aa = rw
>> * =
>
>
>>
>>
>>
>> and here is the svnserve.conf:
>> ### This file controls the configuration of the svnserve daemon, if you
>> ### use it to allow access to this repository. (If you only allow
>> ### access through http: and/or file: URLs, then this file is
>> ### irrelevant.)
>>
>> ### Visit http://subversion.tigris.org/ for more information.
>>
>> [general]
>> ### These options control access to the repository for unauthenticated
>> ### and authenticated users. Valid values are "write", "read",
>> ### and "none". The sample settings below are the defaults.
>> anon-access = none
>> auth-access = write
>> ### The password-db option controls the location of the password
>> ### database file. Unless you specify a path starting with a /,
>> ### the file's location is relative to the directory containing
>> ### this configuration file.
>> ### If SASL is enabled (see below), this file will NOT be used.
>> ### Uncomment the line below to use the default password file.
>> #password-db = passwd
>> ### The authz-db option controls the location of the authorization
>> ### rules for path-based access control. Unless you specify a path
>> ### starting with a /, the file's location is relative to the the
>> ### directory containing this file. If you don't specify an
>> ### authz-db, no path-based access control is done.
>> ### Uncomment the line below to use the default authorization file.
>> authz-db = authz
>> ### This option specifies the authentication realm of the repository.
>> ### If two repositories have the same authentication realm, they should
>> ### have the same password database, and vice versa. The default realm
>> ### is repository's uuid.
>> realm = dreamlink
>>
>> [sasl]
>> ### This option specifies whether you want to use the Cyrus SASL
>> ### library for authentication. Default is false.
>> ### This section will be ignored if svnserve is not built with Cyrus
>> ### SASL support; to check, run 'svnserve --version' and look for a line
>> ### reading 'Cyrus SASL authentication is available.'
>> use-sasl = true
>> ### These options specify the desired strength of the security layer
>> ### that you want SASL to provide. 0 means no encryption, 1 means
>> ### integrity-checking only, values larger than 1 are correlated
>> ### to the effective key length for encryption (e.g. 128 means 128-bit
>> ### encryption). The values below are the defaults.
>> min-encryption = 128
>> max-encryption = 256
>>
>>
>> ------------------------------
>> 您想拥有和网易免费邮箱一样强大的软件吗? <http://qiye.163.com/?163>
>
>
>
>
> ------------------------------
> 网易邮箱,没有垃圾邮件的邮箱。 <http://mail.163.com/?from=fe1>
Received on 2010-09-01 11:37:09 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.