I'm trying to integrate a SVN Authz authorization file with apache configuration files to provide a solution for not just directory level restrictions, but also file level restrictions. It's my understanding that the SVN Authorization file is not capable of handling file-specific restrictions, only directory level.
The SVN Authz file is set up and i'm able to use it with absolutely no issues what-so-ever. If I switch to using just the Apache Conf file by itself, it works exactly as expected with no issues. But if I combine them I get something very weird. Everything works just fine, except the trying to commit the file that was restricted by the following Location/Limit: <Location "/subversion/repo/*/*/*/folder/structure/RestrictedFile"> <Limit PUT> Require user my_username </Limit> </Location> I'm able to view, update, and checkout the file, and am able to do anything (checkout, commit, etc) to other files in the same directory, but when I attempt perform a commit of changes to the "RestrictedFile", I get the following error: Error: Commit failed (details follow): Error: Server sent unexpected return value (403 Forbidden) in response to CHECKOUT Error: request for '/subversion/repo/!svn/ver/110/folder/structure/RestrictedFile' the apache access log file gives me the following: ip_address - - [30/Dec/2010:15:49:58 -0600] "OPTIONS /subversion/repo/folder/structure HTTP/1.1" 401 1337 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "OPTIONS /subversion/repo/folder/structure HTTP/1.1" 200 - ip_address - my_username [30/Dec/2010:15:49:59 -0600] "PROPFIND /subversion/repo/folder/structure HTTP/1.1" 207 816 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "OPTIONS /subversion/repo/folder/structure HTTP/1.1" 200 195 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "MKACTIVITY /subversion/repo/!svn/act/71f51505-a174-8349-ab61-843f80a40f8f HTTP/1.1" 201 234 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "PROPFIND /subversion/repo/!svn/vcc/default HTTP/1.1" 207 414 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "CHECKOUT /subversion/repo/!svn/bln/110 HTTP/1.1" 201 250 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "PROPPATCH /subversion/repo/!svn/wbl/71f51505-a174-8349-ab61-843f80a40f8f/110 HTTP/1.1" 207 469 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "PROPFIND /subversion/repo/folder/structure HTTP/1.1" 207 526 ip_address - - [30/Dec/2010:15:49:59 -0600] "CHECKOUT /subversion/repo/!svn/ver/110/folder/structure/RestrictedFile HTTP/1.1" 403 1021 ip_address - my_username [30/Dec/2010:15:49:59 -0600] "DELETE /subversion/repo/!svn/act/71f51505-a174-8349-ab61-843f80a40f8f HTTP/1.1" 204 - If I remove the <Location...> entry listed above, i'm able to commit just fine. My svnauthz file basically has this: [/] * = my_username = rw If I change "* = " to "* = r", I get the same issue. If I change it to "* = rw", I'm able to commit. Benjamin Ortega Benjamin Ortega ---------------------------------------------- Operations Systems Engineer Wells Fargo Bank, Des Moines, IA CORE Build & Deploy Team * : benjamin.ort...@wellsfargo.com<mailto:benjamin.ort...@wellsfargo.com> * : 515-720-2700 (cell) MAC: X2301-01X This transmission may contain information that is confidential and/or proprietary. If you are not the individual or entity to which it is addressed, note that any review, disclosure, copying, retransmission, or other use is strictly prohibited. If you received this transmission in error, please notify the sender immediately and delete the material from your system.
