On Sun, Jul 15, 2012 at 6:43 AM, Jonas H. <jonas@xxxxxxxxxx> wrote: > I'd like to implement HTTP authentication for Git Smart HTTP using Dulwich > (a Python binding): > > 1) read-only if unauthenticated and write only if authenticated > 2) read/write only if authenticated > > I couldn't find any documentation on which URLs need be secured and what > response codes are expected in case the cloner/pusher is unauthenticated. Smart HTTP uses HTTP authentication, so return 401 with a proper WWW-Authenticate header to prompt the client for authentication, and use the Authorization header to verify the client. Return 403 to tell the client they cannot access the service because the Authorization header is invalid[1]. You can tell check for a write request by looking at the service parameter on the /info/refs request, if its git-receive-pack, you are about to receive a write, so you want to prompt for authentication. You should also check for authentication on the /git-receive-pack request. [1] This is actually a lie. The servers I have written over the years return 200 OK with a special Git payload in this case. The payload uses the "ERR" in the /info/refs response to print a message to the client telling the user access is forbidden. This allows a custom message to be sent, and stops the client from discarding the message and falling back to the dumb protocol. > Is there any documentation on Smart HTTP workflow? The C sources (vanilla > Git and libgit2) didn't help me too much since I found it very difficult to > follow the code-flow... it's probably just abstracted too well :-) There is no authentication/authorization in the server components in git-core. This is delegated to the web server that runs in front of Git, just like with the system SSH server handling authentication for Git over SSH. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html