Hello!
--Summary--
Path-based authorization seems to not work as documented
currently: The most specific path is *not* used.
Version: server=1.6.17, client=1.8.8 or 1.8.13
Might be a reincarnation of (closed?) Issue 3242:
http://svn.haxx.se/users/archive-2010-01/0124.shtml
http://subversion.tigris.org/issues/show_bug.cgi?id=3242
--Description--
The documentation says (for all versions since 1.5):
The thing to remember is that the most specific path always
matches first.
http://svnbook.red-bean.com/en/1.5/svn.serverconfig.pathbasedauthz.html
I'm having the following lines concerning repository `proj` in my
`access` file. As you can see, `/pub` should be publicly readable,
but nothing else:
Current access file contains:
[groups]
proj_staff = [...]
proj_other = [...]
[proj:/]
@proj_staff = rw
@proj_other = r
[proj:/pub]
* = r
@proj_staff = rw
[proj:/eval]
@proj_other =
[proj:/group]
@proj_other = rw
[proj:/group/foo]
foo = rw
The problem is:
* I can *NOT* `svn co https://...proj/pub` without authentification.
As expected, though:
* I can read `https://...proj/pub` in a web browser without
authentification.
* I can `svn export https://...proj/pub` without authentification.
This has been working until recently, probably with SVN 1.4.x on the
server side. Unfortunately I do not administer the subversion/apache
setup, so I do not have access to other config files.
Is ist a known issue? How can I fix it?
Thanks for helping!
Regards
Stefan
--
http://stefan-klinger.de o/X
/\/
\
