On 09.04.2013, Magnus Therning wrote: > I've been trying to set up git-http-backend+lighttpd. I've managed to > set up anonymous read-only access, and I then successfully configured > authentication for both read and write. Then I get stuck. The > man-page for git-http-backend says that the following snippet can be > used for Apache 2.x: > > <LocationMatch "^/git/.*/git-receive-pack$"> > AuthType Basic > AuthName "Git Access" > Require group committers > ... > </LocationMatch> > > However, when I put in this match on location in my lighty config and > try to push I'm not asked for a password, instead I'm greeted with > > % git push > error: The requested URL returned error: 403 Forbidden while > accessing http://magnus@tracsrv.local/git/foo.git/info/refs?service=git-receive-pack > > AFAICS this means the man-page is wrong, and that I instead ought to > match on the "service=git-receive-pack" part. Is that a correct > conclusion? Yes, it is. I have tried to do the same anonymous read and authenticated write in "smart HTTP" access in Apache. There are some proposals[1], all I think which use mod_rewrite (as LocationMatch doesn't take query string into account, unfortunately), but I haven't been able to make it work. The problem is that both POST *and GET* (to get refs) must be authethicated. Nb. I thought that it was corrected... which git version do you use? [1]: http://paperlined.org/apps/git/SmartHTTP_Ubuntu.html In the end I have worked around this by allowing all registered users to read with "require valid-user" (which in my situation might be even more correct solution; the case being repositories for Computer Science class lab work), and restricting write via pre-receive hook which checks REMOTE_USER. -- Jakub Narębski -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html