You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by je...@ubs.com on 2006/06/22 08:56:29 UTC
mod_authz_svn configured for per-directory access but allowing access to everybody
Hello,
I've attached my Apache configuration definition file (httpd.conf.txt) and my mod_authz_svn access control definition file (repos_access_control.txt). However, this configuration allows access to repositories and some more specific logical subdirectories within the repositories to *anyone*. Obviously, something is broken in my configuration. But since as far as I can tell, mod_authz_svn does not support logging for debugging purposes (does it?), I'm at a loss as to what the ultimate cause of the problem is.
For the record, I've read and understood http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.httpd.authz.perdir. And in case you're wondering, our authentication handler works as designed. That is not the problem.
Have I misunderstood the format required by mod_authz_svn of our authorization definition file? Is one of the other [higher-scoped] Apache configuration directives perhaps overriding mod_authz_svn?
Please take a look at the setup and give feedback as to how I might zero-in on the problem and ultimately fix it.
Best Regards,
Jeff Bunds
Equities IT
UBS
RE: mod_authz_svn configured for per-directory access but allowing access to everybody
Posted by je...@ubs.com.
Please ignore. I was being thick. I've fixed it.
Jeff
-----Original Message-----
From: Bunds, Jeff
Sent: Thursday, June 22, 2006 10:56 AM
To: users@subversion.tigris.org
Subject: mod_authz_svn configured for per-directory access but allowing
access to everybody
Hello,
I've attached my Apache configuration definition file (httpd.conf.txt) and my mod_authz_svn access control definition file (repos_access_control.txt). However, this configuration allows access to repositories and some more specific logical subdirectories within the repositories to *anyone*. Obviously, something is broken in my configuration. But since as far as I can tell, mod_authz_svn does not support logging for debugging purposes (does it?), I'm at a loss as to what the ultimate cause of the problem is.
For the record, I've read and understood http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.httpd.authz.perdir. And in case you're wondering, our authentication handler works as designed. That is not the problem.
Have I misunderstood the format required by mod_authz_svn of our authorization definition file? Is one of the other [higher-scoped] Apache configuration directives perhaps overriding mod_authz_svn?
Please take a look at the setup and give feedback as to how I might zero-in on the problem and ultimately fix it.
Best Regards,
Jeff Bunds
Equities IT
UBS
Visit our website at http://www.ubs.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. The sender therefore
does not accept liability for any errors or omissions in the contents
of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities or
related financial instruments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org