First, the directive "require user" fits not only a single user, but a list, too Doing just Require user Manuel Vacelet Admin Power Will validate 4 users, Manuel, Vacelet, Admin and Power HOWEVER, 1) Location applies to contents outside the file system 2) Otherwise you can use Directory directive 3) Maybe you have a set of permissions that supersede this one, giving access to ALL to a higher-level directory ?? Luis -----Original Message----- From: Manuel Vacelet [mailto:manuel.vacelet@xxxxxxxxx] Sent: quarta-feira, 25 de Julho de 2007 13:33 To: users@xxxxxxxxxxxxxxxx Subject: Authorization - require question Hello all, I'm facing some problems trying to understand how Require actually works. Here is my objectives: - I want to authenticate user against a file. - I want to restrict a list of users to access to a Location. - I have 3rd party authorization (AuthzSvnAccessFile) that may restrict again the browsing. And now my problem: - I can restrict access to Location to the list of people in my file with a 'Require valid-user'. - But I cannot restrict access to a list of people with 'Require user' Here the example of config: ----------------------------->8----------------------------- <Location /svnroot/code> DAV svn SVNPath /var/lib/codex/svnroot/code AuthType Basic AuthName "Subversion Authorization" AuthUserFile /etc/httpd/conf/htpasswd Require user manuel AuthzSVNAccessFile /var/lib/svnroot/code/.SVNAccessFile </Location> ----------------------------->8----------------------------- Even if I don't authenticate as 'manuel' account I can browse my repository FYI svnaccessfile is: ----------------------------->8----------------------------- @member=manuel, john [/] * = r @members = rw ----------------------------->8----------------------------- Can anyone explain to me what happens ? Thanks, -- Manuel --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|