[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Mixed authentication and WebSVN on same host

From: Konstantin Kolinko <knst.kolinko_at_gmail.com>
Date: Thu, 9 Jun 2011 11:32:00 +0400

2011/6/9 Pier-Luc Petitclerc <pl_at_fusi0n.org>:
> The problem I have with that is related to the user authentication. I have
> read that mixed authentication (anonymous vs "registered") is possible with
> authz and that's what I tried implementing.

Read The Book [1], as well as HTTPD manuals. [2]

1) To mix anonymous and non-anonymous auth (i.e. allow read-only svn
access for anons) you configure different access rules for different
HTTP methods. I.e. GET etc. will go without authentication, but
REPORT, PUT, ... will require authentication. [1] has an example.

2) "Satisfy Any" is wrong. You should be careful with it. (If you have
Allow/Deny statements elsewhere it will be enough to satisfy auth
requirements).
See [2] and you'd better configure "Satisfy All".

 [1]: http://svnbook.red-bean.com/
 [2]: http://httpd.apache.org/docs/

>
> However, the problem I'm having now is that Apache does not ask users for
> credentials presumably due to the "Satisfy Any" statement. Unless I am
> mistaken, that is how Authz work - to grab usernames off Apache's
> authentication and associate it with the ACL specified in
> AuthzSVNAccessFile... well, that's not working. I've tried many combinations
> to no avail... so is there someone who has configured something similar?
>
You can configure an access log and look there for what requests and
responses are. When apache requests auth it is HTTP response code 401.

Best regards,
Konstantin Kolinko
Received on 2011-06-09 09:32:34 CEST

This is an archived mail posted to the Subversion Users mailing list.