SVN: Restricting Access: Difference between revisions

m
Reverted edits by Upazixorys (Talk); changed back to last version by Ric
No edit summary
m (Reverted edits by Upazixorys (Talk); changed back to last version by Ric)
 
Line 1: Line 1:
=[http://ujybyqum.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
{{SVN Nav}}
{{SVN Nav}}
'''Restring Access'''
'''Restring Access'''
Line 19: Line 18:
|
|
* Create the folder C:\a_svn\UniServer\htpasswd\'''svn'''
* Create the folder C:\a_svn\UniServer\htpasswd\'''svn'''
* Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name!    
* Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name!    
* Edit the file copied. Add name and passwords pairs accordingly, example on right:
* Edit the file copied. Add name and passwords pairs accordingly, example on right:
|
|
<pre>
<pre>
   mike:root   
   mike:root   
   john:123
   john:123
   fred:pas123   
   fred:pas123   
&lt;/pre&gt;
</pre>
|}
|}


Line 43: Line 42:
|-
|-
|
|
&lt;pre&gt;
<pre>
&lt;location /svn&gt;
<location /svn>
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 50: Line 49:


  AuthType Basic
  AuthType Basic
  AuthName &quot;Subversion repositories&quot;
  AuthName "Subversion repositories"
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  Require valid-user
  Require valid-user
&lt;/location&gt;
</location>
&lt;/pre&gt;
</pre>
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 64: Line 63:
=== Test 1 ===
=== Test 1 ===
{|
{|
|-valign=&quot;top&quot;
|-valign="top"
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either &lt;nowiki&gt;http://localhost/svn/&lt;/nowiki&gt;
** Either <nowiki>http://localhost/svn/</nowiki>
** Or '''&lt;nowiki&gt;http://localhost/svn/myproject/&lt;/nowiki&gt;'''  
** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>'''  
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
* You can now browse the repository
* You can now browse the repository
|
|
&amp;nbsp;&amp;nbsp;
&nbsp;&nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on &lt;nowiki&gt;http://localhost/svn/myproject&lt;/nowiki&gt;
* In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki>
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
Line 96: Line 95:
Replace the above line '''Require valid-user''' with this block of code.
Replace the above line '''Require valid-user''' with this block of code.
The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication.
The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication.
&lt;pre&gt;
<pre>
# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
Require valid-user
&lt;/LimitExcept&gt;
</LimitExcept>
&lt;/pre&gt;
</pre>
Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below:
Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below:
{|
{|
|-
|-
|
|
&lt;pre&gt;
<pre>
&lt;location /svn&gt;
<location /svn>
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 114: Line 113:


  AuthType Basic
  AuthType Basic
  AuthName &quot;Subversion repositories&quot;
  AuthName "Subversion repositories"
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd


# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
Require valid-user
&lt;/LimitExcept&gt;
</LimitExcept>


&lt;/location&gt;
</location>
&lt;/pre&gt;
</pre>
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 131: Line 130:




* '''&lt;LimitExcept&gt;&lt;/LimitExcept&gt;''' Separate '''Require valid-user''' and target write requests.  
* '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests.  
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
|}
|}
Line 138: Line 137:
=== Test 2 ===
=== Test 2 ===
{|
{|
|-valign=&quot;top&quot;
|-valign="top"
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either &lt;nowiki&gt;http://localhost/svn/&lt;/nowiki&gt;
** Either <nowiki>http://localhost/svn/</nowiki>
** Or '''&lt;nowiki&gt;http://localhost/svn/myproject/&lt;/nowiki&gt;'''  
** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>'''  
* User can brows repository.
* User can brows repository.
|
|
&amp;nbsp;&amp;nbsp;
&nbsp;&nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on &lt;nowiki&gt;http://localhost/svn/myproject&lt;/nowiki&gt;
* In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki>
* Can browse repository and create a new working copy.
* Can browse repository and create a new working copy.
* Make a change in the working copy and '''commit'''
* Make a change in the working copy and '''commit'''
Line 177: Line 176:
|-
|-
|
|
&lt;pre&gt;
<pre>
&lt;location /svn&gt;
<location /svn>
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 184: Line 183:


  AuthType Basic
  AuthType Basic
  AuthName &quot;Subversion repositories&quot;
  AuthName "Subversion repositories"
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  SSLRequireSSL
  SSLRequireSSL
  Require valid-user
  Require valid-user
&lt;/location&gt;
</location>
&lt;/pre&gt;
</pre>
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 200: Line 199:
=== Test 3 ===
=== Test 3 ===
{|
{|
|-valign=&quot;top&quot;
|-valign="top"
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either &lt;nowiki&gt;https://localhost/svn/&lt;/nowiki&gt;
** Either <nowiki>https://localhost/svn/</nowiki>
** Or '''&lt;nowiki&gt;https://localhost/svn/myproject/&lt;/nowiki&gt;'''  
** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>'''  
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
* You can now browse the repository
* You can now browse the repository
|
|
&amp;nbsp;&amp;nbsp;
&nbsp;&nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Select '''Bookmarks &gt; Add Existing Repository''' enter '''https:'''&lt;nowiki&gt;//localhost/svn/myproject&lt;/nowiki&gt;
* Select '''Bookmarks > Add Existing Repository''' enter '''https:'''<nowiki>//localhost/svn/myproject</nowiki>
* Challenged for a name and password.
* Challenged for a name and password.
** Enter one of the name/password pairs in the above list
** Enter one of the name/password pairs in the above list
Line 236: Line 235:
|-
|-
|
|
&lt;pre&gt;
<pre>
&lt;location /svn&gt;
<location /svn>
  DAV svn
  DAV svn
  SVNListParentPath on
  SVNListParentPath on
Line 243: Line 242:


  AuthType Basic
  AuthType Basic
  AuthName &quot;Subversion repositories&quot;
  AuthName "Subversion repositories"
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd
  AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd


# For any operations other than these, require an authenticated user.
# For any operations other than these, require an authenticated user.
# Hence this block limits write permission to list of valid users.
# Hence this block limits write permission to list of valid users.
&lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
<LimitExcept GET PROPFIND OPTIONS REPORT>
SSLRequireSSL
SSLRequireSSL
Require valid-user
Require valid-user
&lt;/LimitExcept&gt;
</LimitExcept>


&lt;/location&gt;
</location>
&lt;/pre&gt;
</pre>
|
|
* '''AuthType Basic''' - Type of authentication is basic
* '''AuthType Basic''' - Type of authentication is basic
Line 261: Line 260:




* '''&lt;LimitExcept&gt;&lt;/LimitExcept&gt;''' Separate '''Require valid-user''' and target write requests.  
* '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests.  
* '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL  
* '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL  
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
* '''Require valid-user''' - Informs Apache all users must supply a name and password.   
Line 269: Line 268:
=== Test 4 ===
=== Test 4 ===
{|
{|
|-valign=&quot;top&quot;
|-valign="top"
|
|
'''''Browser'':'''
'''''Browser'':'''
* Restart servers
* Restart servers
* Type into browser
* Type into browser
** Either &lt;nowiki&gt;https://localhost/svn/&lt;/nowiki&gt;
** Either <nowiki>https://localhost/svn/</nowiki>
** Or '''&lt;nowiki&gt;https://localhost/svn/myproject/&lt;/nowiki&gt;'''  
** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>'''  
* User can brows repository.
* User can brows repository.
|
|
&amp;nbsp;&amp;nbsp;
&nbsp;&nbsp;
|
|
'''''Client'':'''
'''''Client'':'''
* Restart servers
* Restart servers
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe)  
* In bookmarks click on &lt;nowiki&gt;https://localhost/svn/myproject&lt;/nowiki&gt;
* In bookmarks click on <nowiki>https://localhost/svn/myproject</nowiki>
* Can browse repository and create a new working copy.
* Can browse repository and create a new working copy.
* Make a change in the working copy and '''commit'''
* Make a change in the working copy and '''commit'''