You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Damon Rand <Da...@cybermagic.co.nz> on 2005/07/11 16:50:29 UTC

Multiple http virtual host access to a single repository

Hi,
  Am I going to get into trouble with the below config? For various reasons to do with our network infrastructure we wish to have an SSL and a nonSSL virtual host access the same SVNPath/repository.

Is this safe? Would I be better with BerkeleyDB or FSFS?

Regards,
Damon.

# http access to the repository
<VirtualHost *:80>

    ServerName svn.blah.org
    ServerAdmin drand@blah.org

    # HTML pages related to subversion
    DocumentRoot d:/svn/svn.intsec
    
    <Location /repos>
        DAV svn
        SVNPath d:/svn/testrepos

        <LimitExcept GET PROPFIND OPTIONS REPORT>
          Require valid-user
        </LimitExcept>
    
    </Location>

</VirtualHost>

# https access to the repository
<VirtualHost *:443>

    ServerName svn.blah.org
    ServerAdmin drand@blah.org

    # HTML pages related to subversion
    DocumentRoot d:/svn/svn.intsec
    
    SSLEngine on
    SSLProtocol all
    SSLCipherSuite LOW
    
    <Location /repos>
        DAV svn
        SVNPath d:/svn/testrepos

        <LimitExcept GET PROPFIND OPTIONS REPORT>
          Require valid-user
        </LimitExcept>
    
    </Location>

</VirtualHost>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Multiple http virtual host access to a single repository

Posted by Ryan Schmidt <su...@ryandesign.com>.
On 11.07.2005, at 18:50, Damon Rand wrote:

>   Am I going to get into trouble with the below config? For various  
> reasons to do with our network infrastructure we wish to have an  
> SSL and a nonSSL virtual host access the same SVNPath/repository.
>
> Is this safe? Would I be better with BerkeleyDB or FSFS?

We also have both SSL (for outside the firewall) and non-SSL (for  
inside the firewall) vhosts for our intranet, of which Subversion  
access is a part, and have not had any problems, nor do we see a  
reason why there should be any. We use a single FSFS repository with  
Subversion 1.1.2.*


* since a stable release of 1.2.x does not seem to be available yet  
from Gentoo Portage




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Multiple http virtual host access to a single repository

Posted by Scott Lawrence <sl...@pingtel.com>.
On Tue, 2005-07-12 at 04:50 +1200, Damon Rand wrote:
> Hi,
>   Am I going to get into trouble with the below config? For various reasons to do with our network infrastructure we wish to have an SSL and a nonSSL virtual host access the same SVNPath/repository.
> 
> Is this safe? 
 
We do just what you outlined, except that we don't allow write access at
all on the http virtual host (so that passwords are never sent in the
clear).  Works fine.

-- 
Scott Lawrence, Consulting Engineer
Pingtel Corp.  http://www.pingtel.com/
+1.781.938.5306 x162 or sip:slawrence@pingtel.com


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org