RE: Authorization - require question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



First, the directive "require user" fits not only a single user, but a list,
too

Doing just

Require user Manuel Vacelet Admin Power 

Will validate 4 users, Manuel, Vacelet, Admin and Power

HOWEVER,

1) Location applies to contents outside the file system
2) Otherwise you can use Directory directive
3) Maybe you have a set of permissions that supersede this one, giving
access to ALL to a higher-level directory ??


Luis



-----Original Message-----
From: Manuel Vacelet [mailto:manuel.vacelet@xxxxxxxxx] 
Sent: quarta-feira, 25 de Julho de 2007 13:33
To: users@xxxxxxxxxxxxxxxx
Subject:  Authorization - require question

Hello all,

I'm facing some problems trying to understand how Require actually works.
Here is my objectives:
- I want to authenticate user against a file.
- I want to restrict a list of users to access to a Location.
- I have 3rd party authorization (AuthzSvnAccessFile) that may
restrict again the browsing.

And now my problem:
- I can restrict access to Location to the list of people in my file
with a 'Require valid-user'.
- But I cannot restrict access to a list of people with 'Require user'

Here the example of config:
----------------------------->8-----------------------------
<Location /svnroot/code>
   DAV svn
   SVNPath /var/lib/codex/svnroot/code

   AuthType Basic
   AuthName "Subversion Authorization"

   AuthUserFile /etc/httpd/conf/htpasswd
   Require user manuel
   AuthzSVNAccessFile /var/lib/svnroot/code/.SVNAccessFile
</Location>
----------------------------->8-----------------------------

Even if I don't authenticate as 'manuel' account I can browse my repository

FYI svnaccessfile is:
----------------------------->8-----------------------------
@member=manuel, john
[/]
* = r
@members = rw
----------------------------->8-----------------------------

Can anyone explain to me what happens ?
Thanks,
-- Manuel

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux