Help with Location directive -- will this work?

This is a discussion on Help with Location directive -- will this work? within the Apache Web Server forums, part of the Web Server and Related Forums category; Hi, I am running a subversion webdav site on a debian machine (sarge) running Apache 2.0.54. It is ...


Go Back   Usenet Forums > Web Server and Related Forums > Apache Web Server

Reload this Page Help with Location directive -- will this work?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

 

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-04-2006
Joseph.Pietras@gmail.com
 
Posts: n/a
Default Help with Location directive -- will this work?
Hi, I am running a subversion webdav site on a debian machine (sarge)
running Apache 2.0.54. It is all working well but we are trying to
impose access control (much like with ".htacess" files) by using
<Location> directives, since I can't use <Directory> and/or .htacess
files with a subversion repository.

I have had only limited success attempting to control access. Also, I
am using htpasswd and local files so i don't have to deal with PAM (at
least for now).

Essentially, I have these groups:
developers
admins
consultants
"superuser"

I want the superuser to have complete control. I want admins to be
able to create/delete in most directories with in the repository,
developers can create/delete only in the "trunk" and "snapshots"
directory and consultants might be restricted to specific locations
within the repository.

I have been using <LimitExecpt> to implement these controls. Nothing
is working very well. At most I can control the root of the
repository, by restricting write/delete access, but otherwise I don't
get the "fine grain granularity" I'm looking for. Can this even be
done with Apache 2.0.54 and <Location>?

Here is a typical structure I an trying to get working:
https://isl -- only the superuser can add/delete/change
this directory
https://isl/released -- only the admins can add/delete/change
this directory
https://isl/released/.* -- only the admins can add/delete/change
from here on down

## <root>: only superuser can change, everyone can read
<Location /isl>
Order allow,deny
Allow from all
DAV svn
SVNPath /var/lib/svn/isl
AuthType Basic
AuthName "Isl Repository"
AuthUserFile /etc/apache2/userfiles/superuser.txt
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
## <root>: everyone can read, only admins can write/delete, etc.
<Location /isl/released>
Order allow,deny
Allow from all
DAV svn
SVNPath /var/lib/svn/isl
AuthType Basic
AuthName "Isl Released Subdirectory"
AuthUserFile /etc/apache2/userfiles/admin.txt
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
 

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 06:07 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0