On Tue, Mar 23, 2010 at 12:38:43PM -0400, Eric Covener wrote:
> On Tue, Mar 23, 2010 at 12:33 PM, <rog7993@xxxxxx> wrote:
> >>> <Location "/websvn">
> >>> WebSVN stuff
> >>> </Location>
> >>>
> >>> <LocationMatch "/(?!websvn)">
> >>> subversion stuff
> >>> </LocationMatch>
Possibly this configuration does not work because of a bug in Apache,
mod_dav or mod_dav_svn in the handling of "complex" regular expressions
within <LocationMatch> directives. I found this five years old bug
description:
https://issues.apache.org/bugzilla/show_bug.cgi?id=35077
I don't know whether this was fixed in newer Apache versions in the
meantime. But this bug is still open.
> Going back to OP, what part of the outter location did you think was
> bleeding in? Did you just need to reset to satisfy all?
No. Mainly I want to deactivate "DAV". I didn't posted it until now.
But this configuration doesn't work, too:
<Location />
# Subversion stuff
DAV svn
...
</Location>
<Location /websvn>
# WebSVN stuff
DAV off
...
</Location>
I found an other solution. Requests to WebSVN (/websvn) will be handled
directly by the SSL-VirtualHost, all other requests (subversion
repositories) will be proxied to another VirtualHost. See above. But I'm
not happy with this solution, because it reduces the subversion
performance significantly.
<VirtualHost *:80>
ServerName svnserv01....
ServerAlias localhost
RequestHeader edit Destination ^https http early
LogLevel Warn
<Location />
DAV svn
SVNParentPath /home/subversion/repos
AuthzSVNAccessFile svn-access-file
SSLRequireSSL
AuthType Basic
AuthBasicProvider ldap
AuthName "Subversion repository (LDAP password)"
AuthLDAPUrl ...
# try anonymous access first, resort to real
# authentication if necessary.
Satisfy Any
Require valid-user
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName svnserv01...
DocumentRoot /var/www/svnserv01/htdocs
Alias /websvn-2.3.0/ /opt/websvn-2.3.0/
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/websvn.*
RewriteRule (.*) http://localhost$1 [P]
LogLevel warn
SSLEngine On
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLCACertificateFile ...
<Directory /var/www/svnserv01/htdocs>
Options Multiviews SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
<Directory /opt/websvn-2.3.0/templates>
Order allow,deny
Allow from all
</Directory>
<Location "/websvn">
Order allow,deny
Allow from all
SSLRequireSSL
AuthType Basic
AuthBasicProvider ldap
AuthName "Subversion repository (LDAP password)"
AuthLDAPUrl ...
AuthzLDAPAuthoritative off
# try anonymous access first, resort to real
# authentication if necessary.
#Satisfy Any
Require valid-user
</Location>
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|