Thanks for the quick reply. I do use <Location> because of subversion and there is no global permissions set at a upper level. What seems strange to me is that "Require user XXX" works w/o having another authorization level (w/o AuthzSVNAccessFile) but as soon as I add this statement the Require user seems overrided. Actually is 'Require user' authoritative (I don't know if it's the right term to use to describe what I want to achieve) ? And maybe a stupid question but: - Is what I want to achieve possible or not ? -- Manuel On 7/25/07, Luis Moreira (ESI-GSQP) <luis.moreira@xxxxxx> wrote: > First, the directive "require user" fits not only a single user, but a list, > too > > Doing just > > Require user Manuel Vacelet Admin Power > > Will validate 4 users, Manuel, Vacelet, Admin and Power > > HOWEVER, > > 1) Location applies to contents outside the file system > 2) Otherwise you can use Directory directive > 3) Maybe you have a set of permissions that supersede this one, giving > access to ALL to a higher-level directory ?? > > > Luis > > > > -----Original Message----- > From: Manuel Vacelet [mailto:manuel.vacelet@xxxxxxxxx] > Sent: quarta-feira, 25 de Julho de 2007 13:33 > To: users@xxxxxxxxxxxxxxxx > Subject: Authorization - require question > > Hello all, > > I'm facing some problems trying to understand how Require actually works. > Here is my objectives: > - I want to authenticate user against a file. > - I want to restrict a list of users to access to a Location. > - I have 3rd party authorization (AuthzSvnAccessFile) that may > restrict again the browsing. > > And now my problem: > - I can restrict access to Location to the list of people in my file > with a 'Require valid-user'. > - But I cannot restrict access to a list of people with 'Require user' > > Here the example of config: > ----------------------------->8----------------------------- > <Location /svnroot/code> > DAV svn > SVNPath /var/lib/codex/svnroot/code > > AuthType Basic > AuthName "Subversion Authorization" > > AuthUserFile /etc/httpd/conf/htpasswd > Require user manuel > AuthzSVNAccessFile /var/lib/svnroot/code/.SVNAccessFile > </Location> > ----------------------------->8----------------------------- > > Even if I don't authenticate as 'manuel' account I can browse my repository > > FYI svnaccessfile is: > ----------------------------->8----------------------------- > @member=manuel, john > [/] > * = r > @members = rw > ----------------------------->8----------------------------- > > Can anyone explain to me what happens ? > Thanks, > -- Manuel > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|