On Mon, Apr 11, 2011 at 3:39 PM, git_usr <mygitgg...@yahoo.com> wrote:
> I think I understand what you mean, but problem is apache and > gitorious are using port:80. > Pound listens on 443 and once it auth's client certs it lets traffic > through to port 80. > So you should be able to access port 80 (Apache directly) to bypass the authentication? If the firewall has port 80 open and you don't want users to be able to access Gitorious over port 80 you could restrict the access to 127.0.0.1 only. > I'm confused, becuase I thought $ git push origin master goes over > ssh, which bypasses pound to the internal gitorious server? > When a user attempts to push, Gitorious needs to know whether that user should be allowed to do so, which means checking the database. Since loading the entire Rails environment is a quite heavy operation, we "ask" Gitorious through its web interface, which is already loaded, if the user should be allowed to push. Which is why we need to know the IP address and port to connect to in order to query for permissions. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
