You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Don Wehunt <do...@markettools.com> on 2006/07/12 22:00:28 UTC
How do I relax security for WebDAV access on child directories?
> Hello everyone.
>
> I'm having a little trouble getting my apache/svn system to behave the
> way I want it to. Hoping someone can point me in the right direction.
>
> Version Details:
> Apache 2.0
> Subversion version 1.2.3 (r15833)
> Subversion client TortoiseSVN 1.3.2, Build 5840 - 32 Bit
>
> In brief, I need to provide webdav access to a few child directories
> of my subversion repository to some contractors. I do not want them to
> have root access to the repository, so I need to figure out a way to
> relax security on these directories without giving these guys access
> to the root of my repository. Is that possible?
>
> Here's a peek at the relevant entries for my httpd.conf file and
> basically what is happening with the way it's currently setup:
>
> The contractors are able browse to the explicit URL via IE, but
> Tortoise will not allow them entry with the same URL. They are first
> prompted for the subdirectory auth realm that they are trying to
> access - "Subversion Repository (Questionnaire Helpers Area)" for
> example. After entering their password and getting past that prompt,
> they are then prompted by the root repository auth realm - "Subversion
> Repository (Development)" And since I have not defined permissions on
> that level for them they are rejected.
>
> Can anyone tell me what I'm doing wrong?
>
> <Location /repos/dev>
> DAV svn
> SVNPath D:/subversion/repos/dev
>
> AuthName "Subversion Repository (Development)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4
> </Location>
>
> <Location /repos/dev/ztel/mt/trunk/files/zscripts/definitions/library>
>
> AuthName "Subversion Repository (Questionnaire Helpers Area)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4 group5
> </Location>
>
> <Location
> /repos/dev/ztel/mt/trunk/files/zscripts/definitions/tools/application>
>
> AuthName "Subversion Repository (Data Script Assistants -
> Application Area)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4 group5
> </Location>
>
> Please help!! Thanks!
>
> -don
Re: How do I relax security for WebDAV access on child directories?
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Jul 13, 2006, at 00:00, Don Wehunt wrote:
> Hello everyone.
>
> I'm having a little trouble getting my apache/svn system to behave
> the way I want it to. Hoping someone can point me in the right
> direction.
>
> Version Details:
> Apache 2.0
> Subversion version 1.2.3 (r15833)
> Subversion client TortoiseSVN 1.3.2, Build 5840 - 32 Bit
>
> In brief, I need to provide webdav access to a few child
> directories of my subversion repository to some contractors. I do
> not want them to have root access to the repository, so I need to
> figure out a way to relax security on these directories without
> giving these guys access to the root of my repository. Is that
> possible?
You may want svnperms.py:
http://subversion.tigris.org/tools_contrib.html#svnperms_py
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: How do I relax security for WebDAV access on child directories?
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 7/12/06, Don Wehunt <do...@markettools.com> wrote:
>
>
>
> Hello everyone.
>
> I'm having a little trouble getting my apache/svn system to behave the way I
> want it to. Hoping someone can point me in the right direction.
>
> Version Details:
> Apache 2.0
> Subversion version 1.2.3 (r15833)
> Subversion client TortoiseSVN 1.3.2, Build 5840 - 32 Bit
>
> In brief, I need to provide webdav access to a few child directories of my
> subversion repository to some contractors. I do not want them to have root
> access to the repository, so I need to figure out a way to relax security on
> these directories without giving these guys access to the root of my
> repository. Is that possible?
>
> Here's a peek at the relevant entries for my httpd.conf file and basically
> what is happening with the way it's currently setup:
>
> The contractors are able browse to the explicit URL via IE, but Tortoise
> will not allow them entry with the same URL. They are first prompted for the
> subdirectory auth realm that they are trying to access - "Subversion
> Repository (Questionnaire Helpers Area)" for example. After entering their
> password and getting past that prompt, they are then prompted by the root
> repository auth realm - "Subversion Repository (Development)" And since I
> have not defined permissions on that level for them they are rejected.
>
> Can anyone tell me what I'm doing wrong?
>
> <Location /repos/dev>
> DAV svn
> SVNPath D:/subversion/repos/dev
>
> AuthName "Subversion Repository (Development)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4
> </Location>
>
> <Location
> /repos/dev/ztel/mt/trunk/files/zscripts/definitions/library>
> AuthName "Subversion Repository (Questionnaire Helpers Area)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4 group5
> </Location>
>
> <Location
> /repos/dev/ztel/mt/trunk/files/zscripts/definitions/tools/application>
> AuthName "Subversion Repository (Data Script Assistants -
> Application Area)"
> AuthType Basic
> AuthUserFile "D:/subversion/svn.pass"
> AuthGroupFile "D:/subversion/svn.groups"
> Require group group1 group2 group3 group4 group5
> </Location>
>
> Please help!! Thanks!
You cannot control access to subdirectories in a repository via
httpd.conf level directives, you need to use something like
mod_authz_svn for that.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org