RE: How to best manage authorization after tag/branch creation?

From: Shaun Pinney <shaun.pinney_at_bil.konicaminolta.us>
Date: Wed, 13 Oct 2010 11:12:42 -0700

> Do you need to restrict READ access to the branch or tag, or do you
> simply want to restrict COMMIT access.

Thanks for the response. We need both, but restricting read access is
the main concern at the moment. So far, I only know of AuthUserFile
for controlling read access.

> If you just want to restrict commit access, you can use a pre-commit
> hook to kill a commit transaction if the user who doesn't have
> permission attempts to change a tag or branch.

Good to know. I'll check into the script you've mentioned. At the
moment, we've removed read access to /tags for most users. But this
is not a good long term solution.

> By the way, there's also a way to configure Apache httpd to use LDAP
> instead of a regular text file. This means that users will have access
> to your Subversion repository based upon their Windows or Unix account
> and that users will automatically get logins and have their access
> removed when they get hired or move on.

That's something we'll definitely consider. We have some other quirks
with account management to sort out first :)

Best,
Shaun
Received on 2010-10-13 20:14:55 CEST

This message: [ Message body ]
Next message: Shaun Pinney: "RE: How to best manage authorization after tag/branch creation?"
Previous message: Nelson Cabral: "Compiling mod_dav_svn against an installed Apache2 instance ?"
In reply to: David Weintraub: "Re: How to best manage authorization after tag/branch creation?"
Next in thread: Shaun Pinney: "RE: How to best manage authorization after tag/branch creation?"
Reply: Shaun Pinney: "RE: How to best manage authorization after tag/branch creation?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]