The Uniform Server Wiki

SVN: Restricting Access: Difference between revisions

Page Discussion

SVN: Restricting Access (view source)

Revision as of 01:15, 24 November 2010

551 bytes added ,  24 November 2010
no edit summary
(New page: {{SVN Nav}} '''Restring Access''' With the current configuration putting SVN on-line means anyone can access and modify your subversion repositories. In terms of data loss this is not an ...)
 
No edit summary
Line 1: Line 1:
=[http://ujybyqum.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
{{SVN Nav}}
{{SVN Nav}}
'''Restring Access'''
'''Restring Access'''
Line 18: Line 19:
|
|
* Create the folder C:\a_svn\UniServer\htpasswd\'''svn'''
* Create the folder C:\a_svn\UniServer\htpasswd\'''svn'''
* Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name!    
* Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name!    
* Edit the file copied. Add name and passwords pairs accordingly, example on right:
* Edit the file copied. Add name and passwords pairs accordingly, example on right:
|
|
<pre>
&lt;pre&gt;
   mike:root   
   mike:root   
   john:123
   john:123
   fred:pas123   
   fred:pas123   
</pre>
&lt;/pre&gt;
|}
|}


Line 42: Line 43:
|-
|-
|
|
<pre>
&lt;pre&gt;
<location /svn>
&lt;location /svn&gt;
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 49: Line 50:


  AuthType Basic
  AuthType Basic
  AuthName "Subversion repositories"
  AuthName &quot;Subversion repositories&quot;
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  Require valid-user
  Require valid-user
</location>
&lt;/location&gt;
</pre>
&lt;/pre&gt;
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 63: Line 64:
=== Test 1 ===
=== Test 1 ===
{|
{|
|-valign="top"
|-valign=&quot;top&quot;
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either <nowiki>http://localhost/svn/</nowiki>
** Either &lt;nowiki&gt;http://localhost/svn/&lt;/nowiki&gt;
** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>'''  
** Or '''&lt;nowiki&gt;http://localhost/svn/myproject/&lt;/nowiki&gt;'''  
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
* You can now browse the repository
* You can now browse the repository
|
|
&nbsp;&nbsp;
&amp;nbsp;&amp;nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki>
* In bookmarks click on &lt;nowiki&gt;http://localhost/svn/myproject&lt;/nowiki&gt;
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
Line 95: Line 96:
Replace the above line '''Require valid-user''' with this block of code.
Replace the above line '''Require valid-user''' with this block of code.
The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication.
The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication.
<pre>
&lt;pre&gt;
# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
Require valid-user
Require valid-user
</LimitExcept>
&lt;/LimitExcept&gt;
</pre>
&lt;/pre&gt;
Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below:
Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below:
{|
{|
|-
|-
|
|
<pre>
&lt;pre&gt;
<location /svn>
&lt;location /svn&gt;
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 113: Line 114:


  AuthType Basic
  AuthType Basic
  AuthName "Subversion repositories"
  AuthName &quot;Subversion repositories&quot;
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd


# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
Require valid-user
Require valid-user
</LimitExcept>
&lt;/LimitExcept&gt;


</location>
&lt;/location&gt;
</pre>
&lt;/pre&gt;
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 130: Line 131:




* '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests.  
* '''&lt;LimitExcept&gt;&lt;/LimitExcept&gt;''' Separate '''Require valid-user''' and target write requests.  
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
|}
|}
Line 137: Line 138:
=== Test 2 ===
=== Test 2 ===
{|
{|
|-valign="top"
|-valign=&quot;top&quot;
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either <nowiki>http://localhost/svn/</nowiki>
** Either &lt;nowiki&gt;http://localhost/svn/&lt;/nowiki&gt;
** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>'''  
** Or '''&lt;nowiki&gt;http://localhost/svn/myproject/&lt;/nowiki&gt;'''  
* User can brows repository.
* User can brows repository.
|
|
&nbsp;&nbsp;
&amp;nbsp;&amp;nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki>
* In bookmarks click on &lt;nowiki&gt;http://localhost/svn/myproject&lt;/nowiki&gt;
* Can browse repository and create a new working copy.
* Can browse repository and create a new working copy.
* Make a change in the working copy and '''commit'''
* Make a change in the working copy and '''commit'''
Line 176: Line 177:
|-
|-
|
|
<pre>
&lt;pre&gt;
<location /svn>
&lt;location /svn&gt;
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 183: Line 184:


  AuthType Basic
  AuthType Basic
  AuthName "Subversion repositories"
  AuthName &quot;Subversion repositories&quot;
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  SSLRequireSSL
  SSLRequireSSL
  Require valid-user
  Require valid-user
</location>
&lt;/location&gt;
</pre>
&lt;/pre&gt;
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 199: Line 200:
=== Test 3 ===
=== Test 3 ===
{|
{|
|-valign="top"
|-valign=&quot;top&quot;
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either <nowiki>https://localhost/svn/</nowiki>
** Either &lt;nowiki&gt;https://localhost/svn/&lt;/nowiki&gt;
** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>'''  
** Or '''&lt;nowiki&gt;https://localhost/svn/myproject/&lt;/nowiki&gt;'''  
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
* You can now browse the repository
* You can now browse the repository
|
|
&nbsp;&nbsp;
&amp;nbsp;&amp;nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Select '''Bookmarks > Add Existing Repository''' enter '''https:'''<nowiki>//localhost/svn/myproject</nowiki>
* Select '''Bookmarks &gt; Add Existing Repository''' enter '''https:'''&lt;nowiki&gt;//localhost/svn/myproject&lt;/nowiki&gt;
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
Line 235: Line 236:
|-
|-
|
|
<pre>
&lt;pre&gt;
<location /svn>
&lt;location /svn&gt;
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 242: Line 243:


  AuthType Basic
  AuthType Basic
  AuthName "Subversion repositories"
  AuthName &quot;Subversion repositories&quot;
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd


# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
SSLRequireSSL
SSLRequireSSL
Require valid-user
Require valid-user
</LimitExcept>
&lt;/LimitExcept&gt;


</location>
&lt;/location&gt;
</pre>
&lt;/pre&gt;
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 260: Line 261:




* '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests.  
* '''&lt;LimitExcept&gt;&lt;/LimitExcept&gt;''' Separate '''Require valid-user''' and target write requests.  
* '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL  
* '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL  
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
Line 268: Line 269:
=== Test 4 ===
=== Test 4 ===
{|
{|
|-valign="top"
|-valign=&quot;top&quot;
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either <nowiki>https://localhost/svn/</nowiki>
** Either &lt;nowiki&gt;https://localhost/svn/&lt;/nowiki&gt;
** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>'''  
** Or '''&lt;nowiki&gt;https://localhost/svn/myproject/&lt;/nowiki&gt;'''  
* User can brows repository.
* User can brows repository.
|
|
&nbsp;&nbsp;
&amp;nbsp;&amp;nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on <nowiki>https://localhost/svn/myproject</nowiki>
* In bookmarks click on &lt;nowiki&gt;https://localhost/svn/myproject&lt;/nowiki&gt;
* Can browse repository and create a new working copy.
* Can browse repository and create a new working copy.
* Make a change in the working copy and '''commit'''
* Make a change in the working copy and '''commit'''
Upazixorys
322

edits

Retrieved from "https://wiki.uniformserver.com/Special:MobileDiff/4641"