On 17.07.2017 14:09, Ravi Roy wrote:
> I've been using Apache httpd 2.2.23 with Subvesion 1..6.21 with LDAP
> on CentOS 5.11 (old setup) for years now. Recently we planned to
> upgrade to Subversion 1.9.x with Apache httpd 2.4.x, i've prepared the
> setup as per the following with LDAP support :
> 1) compiled and installed Apache 2.4.16 from source
> 2) compile and installed Subversion 1.9.5 from source
> I've the following snippet in my httpd config which works in old setup
> perfectly but in the new setup it does not work at all, It can not
> control the repo access:
> <Location /svn/MyRepo>
> DAV svn
> SVNPath /var/repos/svn/MyRepo.
> Satisfy any
> <LimitExcept GET PROPFIND OPTIONS REPORT>
> Require valid-user
> Order allow,deny
> Allow from all
> AuthzLDAPAuthoritative on
> AuthType Basic
> AuthName "Please use your Username and Password:"
> AuthLDAPBindDN "CN=Ac,OU=All Users,OU=myOU,DC=mydomain,DC=com"
> AuthLDAPBindPassword mypass
> AuthBasicProvider ldap
> AuthUserFile /dev/null
> AuthzSVNAccessFile /var/repos/permissions/permfile.txt
> write-perm1 = user1, user2
> @write-perm1 = rw
> * =
> After removing "AuthzLDAPAuthoritative on" (which is removed in Apache
> httpd 2.4.x), it allows any ldap user to access the repo (which i do
> not want). I want permfile to control the access to repo, but i could
> not see an effective way to enable it.
> Can somebody help here please?
You should remove these lines:
Allow from all
I also suggest you add the HEAD method to the LimitExcept directive.
Received on 2017-07-17 14:22:22 CEST