SVN: Restricting Access: Difference between revisions
m
Reverted edits by Upazixorys (Talk); changed back to last version by Ric
Upazixorys (talk | contribs) No edit summary |
m (Reverted edits by Upazixorys (Talk); changed back to last version by Ric) |
||
| Line 1: | Line 1: | ||
{{SVN Nav}} | {{SVN Nav}} | ||
'''Restring Access''' | '''Restring Access''' | ||
| Line 19: | Line 18: | ||
| | | | ||
* Create the folder C:\a_svn\UniServer\htpasswd\'''svn''' | * Create the folder C:\a_svn\UniServer\htpasswd\'''svn''' | ||
* Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name!& | * Copy an existing '''.htpasswd''' password file to the above folder. Windows is a pain if a file has no name! | ||
* Edit the file copied. Add name and passwords pairs accordingly, example on right: | * Edit the file copied. Add name and passwords pairs accordingly, example on right: | ||
| | | | ||
<pre> | |||
mike:root | mike:root | ||
john:123 | john:123 | ||
fred:pas123 | fred:pas123 | ||
</pre> | |||
|} | |} | ||
| Line 43: | Line 42: | ||
|- | |- | ||
| | | | ||
<pre> | |||
<location /svn> | |||
DAV svn | DAV svn | ||
SVNListParentPath on | SVNListParentPath on | ||
| Line 50: | Line 49: | ||
AuthType Basic | AuthType Basic | ||
AuthName | AuthName "Subversion repositories" | ||
AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | ||
Require valid-user | Require valid-user | ||
</location> | |||
</pre> | |||
| | | | ||
* '''AuthType Basic''' - Type of authentication is basic | * '''AuthType Basic''' - Type of authentication is basic | ||
| Line 64: | Line 63: | ||
=== Test 1 === | === Test 1 === | ||
{| | {| | ||
|-valign= | |-valign="top" | ||
| | | | ||
'''''Browser'':''' | '''''Browser'':''' | ||
* Restart servers | * Restart servers | ||
* Type into browser | * Type into browser | ||
** Either | ** Either <nowiki>http://localhost/svn/</nowiki> | ||
** Or ''' | ** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>''' | ||
* Challenged for a name and password. | * Challenged for a name and password. | ||
** Enter one of the name/password pairs in the above list | ** Enter one of the name/password pairs in the above list | ||
* You can now browse the repository | * You can now browse the repository | ||
| | | | ||
& | | ||
| | | | ||
'''''Client'':''' | '''''Client'':''' | ||
* Restart servers | * Restart servers | ||
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | * Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | ||
* In bookmarks click on | * In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki> | ||
* Challenged for a name and password. | * Challenged for a name and password. | ||
** Enter one of the name/password pairs in the above list | ** Enter one of the name/password pairs in the above list | ||
| Line 96: | Line 95: | ||
Replace the above line '''Require valid-user''' with this block of code. | Replace the above line '''Require valid-user''' with this block of code. | ||
The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication. | The line has been wrapped within a '''LimitExcept''' directive. This targets any requests other than a read and forces authentication. | ||
<pre> | |||
# For any operations other than these, require an authenticated user. | # For any operations other than these, require an authenticated user. | ||
# Hence this block limits write permission to list of valid users. | # Hence this block limits write permission to list of valid users. | ||
<LimitExcept GET PROPFIND OPTIONS REPORT> | |||
Require valid-user | Require valid-user | ||
</LimitExcept> | |||
</pre> | |||
Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below: | Edit file C:\a_svn\UniServer\usr\local\apache2\conf\httpd.conf and add the above as shown below: | ||
{| | {| | ||
|- | |- | ||
| | | | ||
<pre> | |||
<location /svn> | |||
DAV svn | DAV svn | ||
SVNListParentPath on | SVNListParentPath on | ||
| Line 114: | Line 113: | ||
AuthType Basic | AuthType Basic | ||
AuthName | AuthName "Subversion repositories" | ||
AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | ||
# For any operations other than these, require an authenticated user. | # For any operations other than these, require an authenticated user. | ||
# Hence this block limits write permission to list of valid users. | # Hence this block limits write permission to list of valid users. | ||
<LimitExcept GET PROPFIND OPTIONS REPORT> | |||
Require valid-user | Require valid-user | ||
</LimitExcept> | |||
</location> | |||
</pre> | |||
| | | | ||
* '''AuthType Basic''' - Type of authentication is basic | * '''AuthType Basic''' - Type of authentication is basic | ||
| Line 131: | Line 130: | ||
* ''' | * '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests. | ||
* '''Require valid-user''' - Informs Apache all users must supply a name and password. | * '''Require valid-user''' - Informs Apache all users must supply a name and password. | ||
|} | |} | ||
| Line 138: | Line 137: | ||
=== Test 2 === | === Test 2 === | ||
{| | {| | ||
|-valign= | |-valign="top" | ||
| | | | ||
'''''Browser'':''' | '''''Browser'':''' | ||
* Restart servers | * Restart servers | ||
* Type into browser | * Type into browser | ||
** Either | ** Either <nowiki>http://localhost/svn/</nowiki> | ||
** Or ''' | ** Or '''<nowiki>http://localhost/svn/myproject/</nowiki>''' | ||
* User can brows repository. | * User can brows repository. | ||
| | | | ||
& | | ||
| | | | ||
'''''Client'':''' | '''''Client'':''' | ||
* Restart servers | * Restart servers | ||
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | * Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | ||
* In bookmarks click on | * In bookmarks click on <nowiki>http://localhost/svn/myproject</nowiki> | ||
* Can browse repository and create a new working copy. | * Can browse repository and create a new working copy. | ||
* Make a change in the working copy and '''commit''' | * Make a change in the working copy and '''commit''' | ||
| Line 177: | Line 176: | ||
|- | |- | ||
| | | | ||
<pre> | |||
<location /svn> | |||
DAV svn | DAV svn | ||
SVNListParentPath on | SVNListParentPath on | ||
| Line 184: | Line 183: | ||
AuthType Basic | AuthType Basic | ||
AuthName | AuthName "Subversion repositories" | ||
AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | ||
SSLRequireSSL | SSLRequireSSL | ||
Require valid-user | Require valid-user | ||
</location> | |||
</pre> | |||
| | | | ||
* '''AuthType Basic''' - Type of authentication is basic | * '''AuthType Basic''' - Type of authentication is basic | ||
| Line 200: | Line 199: | ||
=== Test 3 === | === Test 3 === | ||
{| | {| | ||
|-valign= | |-valign="top" | ||
| | | | ||
'''''Browser'':''' | '''''Browser'':''' | ||
* Restart servers | * Restart servers | ||
* Type into browser | * Type into browser | ||
** Either | ** Either <nowiki>https://localhost/svn/</nowiki> | ||
** Or ''' | ** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>''' | ||
* Challenged for a name and password. | * Challenged for a name and password. | ||
** Enter one of the name/password pairs in the above list | ** Enter one of the name/password pairs in the above list | ||
* You can now browse the repository | * You can now browse the repository | ||
| | | | ||
& | | ||
| | | | ||
'''''Client'':''' | '''''Client'':''' | ||
* Restart servers | * Restart servers | ||
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | * Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | ||
* Select '''Bookmarks | * Select '''Bookmarks > Add Existing Repository''' enter '''https:'''<nowiki>//localhost/svn/myproject</nowiki> | ||
* Challenged for a name and password. | * Challenged for a name and password. | ||
** Enter one of the name/password pairs in the above list | ** Enter one of the name/password pairs in the above list | ||
| Line 236: | Line 235: | ||
|- | |- | ||
| | | | ||
<pre> | |||
<location /svn> | |||
DAV svn | DAV svn | ||
SVNListParentPath on | SVNListParentPath on | ||
| Line 243: | Line 242: | ||
AuthType Basic | AuthType Basic | ||
AuthName | AuthName "Subversion repositories" | ||
AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | AuthUserFile C:/a_svn/UniServer/htpasswd/svn/.htpasswd | ||
# For any operations other than these, require an authenticated user. | # For any operations other than these, require an authenticated user. | ||
# Hence this block limits write permission to list of valid users. | # Hence this block limits write permission to list of valid users. | ||
<LimitExcept GET PROPFIND OPTIONS REPORT> | |||
SSLRequireSSL | SSLRequireSSL | ||
Require valid-user | Require valid-user | ||
</LimitExcept> | |||
</location> | |||
</pre> | |||
| | | | ||
* '''AuthType Basic''' - Type of authentication is basic | * '''AuthType Basic''' - Type of authentication is basic | ||
| Line 261: | Line 260: | ||
* ''' | * '''<LimitExcept></LimitExcept>''' Separate '''Require valid-user''' and target write requests. | ||
* '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL | * '''SSLRequireSSL''' - Informs Apache connection must be over a secure link using SSL | ||
* '''Require valid-user''' - Informs Apache all users must supply a name and password. | * '''Require valid-user''' - Informs Apache all users must supply a name and password. | ||
| Line 269: | Line 268: | ||
=== Test 4 === | === Test 4 === | ||
{| | {| | ||
|-valign= | |-valign="top" | ||
| | | | ||
'''''Browser'':''' | '''''Browser'':''' | ||
* Restart servers | * Restart servers | ||
* Type into browser | * Type into browser | ||
** Either | ** Either <nowiki>https://localhost/svn/</nowiki> | ||
** Or ''' | ** Or '''<nowiki>https://localhost/svn/myproject/</nowiki>''' | ||
* User can brows repository. | * User can brows repository. | ||
| | | | ||
& | | ||
| | | | ||
'''''Client'':''' | '''''Client'':''' | ||
* Restart servers | * Restart servers | ||
* Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | * Start '''PortableRapidSVN''' (C:\a_svn\UniServer\svn_portable\PortableRapidSVN.exe) | ||
* In bookmarks click on | * In bookmarks click on <nowiki>https://localhost/svn/myproject</nowiki> | ||
* Can browse repository and create a new working copy. | * Can browse repository and create a new working copy. | ||
* Make a change in the working copy and '''commit''' | * Make a change in the working copy and '''commit''' | ||