[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN mixed public\restricted access, please help!

From: Nerius Landys <nlandys_at_gmail.com>
Date: Tue, 9 Nov 2010 14:59:15 -0800

I've tried and tried to get a per-directory thing going where one was public
(anonymous) and others were password protected. IIRC, a problem I had was
the public one needed authentication to do an "svn log", even though you
could "svn checkout" just fine w/o a password. Anyhow, I gave up. Your
repository should be either all public or all password restricted, but not
both. Othewise it's too buggy. That's why I have 2 SVN servers running -
one for public access and one requiring security clearance.

On Tue, Nov 9, 2010 at 10:32 AM, Shaun Martin <smartin_at_akazaresearch.com>wrote:

> Hi All,
>
> Ok I am trying to achieve a repository that at its base level everyone has
> read-only access without a username. But then at subsequent levels I would
> like to remove their access so they have none. I thought this could be
> accomplished with 1.6 with the addition of "~" and "$anonymous" but I have
> yet been able to get a working configuration.
>
> First off I tried setting up my apache just like this for my repo.
> *Code:*
> <Location /repos>
> DAV svn
> SVNParentPath /var/svn
>
> # our access control policy
> AuthzSVNAccessFile /path/to/access/file
>
> # try anonymous access first, resort to real
> # authentication if necessary.
> Satisfy Any
> Require valid-user
>
> # how to authenticate a user
> AuthType Basic
> AuthName "Subversion repository"
> AuthUserFile /path/to/users/file
> </Location>
>
> with this in my SVNAccessFile
>
> *Code:*
> [openclinica:/subdir]
> @clients = rw
> @svn-admin = rw
>
> [/]
> @svn-admin = rw
>
> I could not achieve a non authenticated user to gain access unless i added
> either "* = r" or "$anonymous = r" to the [/] in the access file. so now my
> file looks like this.
>
> *Code:*
> [openclinica:/subdir]
> @clients = rw
> @svn-admin = rw
>
> [/]
> @svn-admin = rw
> $anonymous = r
>
> Now I try to remove access to my subdir for the anonymous users by adding
> "~$anonymous = r" so my file now looks like this.
>
> *Code:*
> [openclinica:/subdir]
> @clients = rw
> @svn-admin = rw
> ~$anonymous = r
>
> [/]
> @svn-admin = rw
> $anonymous = r
>
> which apparently does nothing as anonymous users can still access my subdir
> and it does not force anyone to login.
>
> So then I tried the following.
>
> *Code:*
> [openclinica:/subdir]
> @clients = rw
> @svn-admin = rw
> $anonymous =
>
> [/]
> @svn-admin = rw
> $anonymous = r
>
> Which did not allow anonymous users to access my subdir, unfortunately it
> does not allow my authenticated users to access the subdir either.
>
> I have tried all these configuration with the "Satisfy Any" in apache
> enabled and disabled. Please help!!
>
> This was posted on svnforum.org
> http://www.svnforum.org/2017/viewtopic.php?p=32748#32748
>
> Thanks,
> Shaun
> --
> *Shaun Martin
> *Systems Administrator
> Akaza Research
> *smartin_at_akazaresearch.com
> *Office: (781) 547-8413
> www.akazaresearch.com <*http://www.akazaresearch.com/*>
> www.openclinica.org <*http://www.openclinica.org/*>
> Open Source Platform for Clinical Research
>
>
Received on 2010-11-09 23:59:53 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.