[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: user access

From: Cooke, Mark <mark.cooke_at_siemens.com>
Date: Tue, 15 Nov 2011 15:05:51 +0000

[We normally bottom-post on this list to make it easier to read in order... See in-line below]

> > -----Original Message-----
> > From: j s [mailto:jbluedelta_at_yahoo.com]
> > Sent: 15 November 2011 13:29
> > To: users_at_subversion.apache.org
> > Subject: user access
> >
> > Have svn running on windows/apache and currently dev team
> > accesses svn repo's using http and tortoisesvn
> >
> > They access the repos using their domain credentials set up
> > in apache config.
> >
> > we now have a group of temps that we want to create a new
> > repo for and that they should only access that repo either by
> > using uname/pwd or via domain access.
> >
> > current set up
> >
> > [server name]\c:\svnrepo
> > \product1 ---->[dev accesses this using domain\uname&pwd]
> > \product2 ---->[dev accesses this using domain\uname&pwd]
> > \product3 ---->[dev accesses this using domain\uname&pwd]
> > \temprepo ---->[dev accesses this using domain\uname&pwd ||
> > the temp lackies access it using their uname and pwd only for
> > this repo]
> >
> >
> > Is this set up possible? how would i go about it?
> >
> > am open to changing access type based on best practise
> >
> ________________________________
>
> From: "Cooke, Mark" <mark.cooke_at_siemens.com>
> To: j s <jbluedelta_at_yahoo.com>; "users_at_subversion.apache.org"
> <users_at_subversion.apache.org>
> Sent: Tuesday, November 15, 2011 8:51 AM
> Subject: RE: user access
>
> Take a read of the subversion book here:-
>
> http://svnbook.red-bean.com/nightly/en/svn.serverconfig.pathbasedauthz.html
>
> ~ mark c
>
> -----Original Message-----
> From: j s [mailto:jbluedelta_at_yahoo.com]
> Sent: 15 November 2011 14:47
> To: Cooke, Mark; users_at_subversion.apache.org
> Subject: Re: user access
>
> Mark,
> Looked at the link you provided.
>
> In my apache/conf/httpd.conf file i have the following

...is this in a <Location> or <Directory> etc section?

> SSPIAuth On
> SSPIAuthoritative On
> SSPIDomain <domaincontroller>
> SSPIOmitDomain on
> SSPIUsernameCase lower
> SSPIPerRequestAuth on
> SSPIOfferBasic On
> AuthType SSPI
> AuthName "Subversion repositories"
> Require valid-user
> Require group "DOMAIN\companyname"

...using SSPI to _authenticate_ the user against Active Directory OK...
NB: also provides basic _authorisation_ by rejecting non-group users.

> DAV svn
> SVNListParentPath on
> SVNParentPath F:\SVN

...sets the path and enables subversion...

> #SVNIndexXSLT "/svnindex.xsl"

...you would use this to provide a nice view of the repository (TortoiseSVN has a section on this in their help file)...

> #AuthUserFile passwd

...this is for basic http authentication, you can delete this...

> #AuthzSVNAccessFile F:/SVN/auth.conf

...this is the line where you point svn to your file that controls authorisation (who can access what) but it is commented out?

> Unable to translate the link to sections in the
> apache/conf/httpd.conf file.
>
> appreciate any useful tips.

What exactly do you not understand? Is it the authz file contents (described on the page linked above) or the apache config?

~ mark c
Received on 2011-11-15 16:06:28 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.