On Fri, Dec 31, 2010 at 11:04 AM, <benjamin.ort...@wellsfargo.com> wrote: > I'm trying to integrate a SVN Authz authorization file with apache > configuration files to provide a solution for not just directory level > restrictions, but also file level restrictions. It's my understanding that > the SVN Authorization file is not capable of handling file-specific > restrictions, only directory level.
This is not true. SVN authz manages "paths" and a path can be a directory or a file. Of course it has to be the full path to the file as there is no wild-card support. > <Location "/subversion/repo/*/*/*/folder/structure/RestrictedFile"> > <Limit PUT> > Require user my_username > </Limit> > </Location> I am not aware of being able to define rules for paths within a repository this way. When the SVN client does the commit it does so against a temporary path, so you cannot use paths in your repository. I do believe there are people that have written rules against the temporary paths and if you did so properly then it might work. That said, I am also not confident that you can successfully mix the Subversion authz file with the other Apache require directives. I have tried in the past to mix authz with the require-ldap-group directive and the two just do not mix as these directives become additive. Meaning if either directive would allow the user access then they get access and you do not get the restrictive behavior of authz that is desired. -- Thanks Mark Phippard http://markphip.blogspot.com/
