Good idea. Here is the config. :-)
== svnserve.conf ==
[general]
anon-access = none
auth-access = write
realm = MyDomain
authz-db = authzfile
[sasl]
use-sasl=true
== authzfile (stripped all groups that "mk" is not member of) ==
[aliases]
mk = CN=Markus Karg,OU=Lokale-Benutzer,DC=MyDomain,DC=local
[groups]
the.developers = &mk
[/]
@the.developers = rw
There is another strange thing: As soon as I use the ambersand ("&mk") instead
of simply "mk", it does *always* say Access Denied (while it works well but
only denis *some* paths when using "mk" without the ambersand). This is weird,
as "mk" is not a user but an alias...!?
It is totally strange. For me it looks like a rather big bug in svnserve...!
Thanks!
-Markus
-----Ursprüngliche Nachricht-----
Von: Daniel Shahaf [mailto:[email protected]]
Gesendet: Montag, 26. November 2012 15:52
An: Jan Keirse
Cc: Markus Karg; [email protected]
Betreff: Re: Path-based authorization buggy when using SASL-LDAP
Jan Keirse wrote on Mon, Nov 26, 2012 at 09:42:53 +0100:
> On Mon, Nov 26, 2012 at 9:28 AM, Markus Karg <[email protected]> wrote:
>
> > I am using aliases (as typical with LDAP), so the cause you
> > described should not happen. Also, everything is lower case (alias
> > names, group names, etc.). And I do not have any relation between
> > the rules‘ paths and the failing paths, as I said initially.****
> >
> > **
> >
>
> Okay, than you have another problem.
>
FWIW: I would suggest to post a minimal httpd.conf + svn authz file with which
the problem was successfully reproduced.
>
> > **
> >
> > Also, I did not find a documentation on „force-username-case“. Can
> > you point me to a description on the web? J
> >
>
> 11 Oct 2010:
> http://mail-archives.apache.org/mod_mbox/subversion-commits/201010.mbo
> x/%[email protected]%3E
>
> So it was introduced after 1.6.12 was released (21 Jun 2010).
It is a new feature so it would have first appeared in a minor release
--- hence, it was added in 1.7.0
