[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

using mod rewrite

From: Julie Voce <julievoce_at_outlook.com>
Date: Thu, 29 Oct 2020 09:41:46 +0000

I have mod_dav and authz_svn set up and working fine. A virtual host exists as below.

I have a set of documents that I want to move to a top level. Clients are set up only to use the subdirectories, i.e. set up as svn co https://svn.compnay.com/config. One group of users is using svn+ssh and I want to move them to https to leverage better access control. I also want to move their files in /config/compliance to /compliance. I cannot do this at once as it will disrupt their access. for the time being I want to move them to https://svn.company/config/compliance but set them up as https://svn.company.com/complaince and within apache redirect https://svn.company.com/config/complaince to https://svn.company.com/compliance. Then when the time is right svn move the config/compliance to compliance and add a <Location> section in apache to replace the re-write rules and the user will carry on almost oblibious to the change. However I cannot get the re-write rules to work with SVN -Dav. The commented out re-write rules end with a https::/svn.company.com/compliance does not exist and using Re-write rules in a <Location> section is not recommended by apache.

Can any one suggest how I can achieve the mapping of config/compliance -> compliance?

regards

<VirtualHost *:80>

        LogLevel debug

        RequestHeader edit Destination ^https: http: early

        PassEnv DENV

        SetEnv SERVICENAME subversion

        ServerName subversion

        DocumentRoot /mnt/svn/

        CustomLog "|/usr/sbin/rotatelogs -l /var/log/service/subversion_access_log.%Y-%m-%d 86400" common

        ErrorLog "|/usr/sbin/rotatelogs -l /var/log/service/subversion_log.%Y-%m-%d 86400"

# SVNAllowBulkUpdates Off

# RewriteEngine On

# RewriteRule "^/compliance/(.*)" /config/compliance/$1 [PT,L]

# RewriteRule "^/compliance$" "/config/compliance" [PT,L]

        LogLevel alert rewrite:trace5 core:trace5 authz_svn:trace5 dav_svn:trace5 authnz_ldap_module:trace5 auth_gssapi_module:trace5

<Location "/">

        DAV svn

        SVNPath /mnt/svn/company

        AuthType GSSAPI

        AuthName "Enterprise Subversion Repositories"

    <RequireAll>

        # as we Require on the root this applies to all

        # paths below it.

        Require valid-user

    </RequireAll>

        GssapiBasicAuth On

        GssapiCredStore keytab:/etc/httpd/subversion.keytab

        GssapiNegotiateOnce On

        GssapiSignalPersistentAuth On

        GssapiLocalName on

        GssapiUseSessions On

        Session On

        SessionCookieName krb5_session path=/;httponly;secure;

</Location>

<LocationMatch "/config">

        AuthType GSSAPI

        GssapiCredStore keytab:/etc/httpd/subversion.keytab

        GssapiNegotiateOnce On

        GssapiSignalPersistentAuth On

        GssapiLocalName on

        GssapiUseSessions On

        Session On

        SessionCookieName krb5_session path=/;httponly;secure;

    <RequireAll>

           Require ldap-group-config

           Require valid-user

    </RequireAll>

</LocationMatch>

</Location>

</VirtualHost>

<
Received on 2020-10-29 10:42:05 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.