Hello all,
I am using a WSGIAuthUserScript to authenticate users against git
repositories (following
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms) that I am
serving via Apache. I am essentially trying to mimic mod_authz_svn so I can
maintain a list of users against and git repo names and map permissions per
user per repo.
The environ variable in the check_password function is all the information
I have access to about the DAV call initiated by the git client.
My script currently depends on REQUEST_URI variable to determine the repo
(relative to the base path) that the user is attempting to access. I chop
the requested URL
Was wondering if I am on the right track? Or is there a better way of
determining the accessed location for authentication?
Appreciate your time.
My Apache configuration looks like this so far:
ServerName git.etk.private
DavLockDB "/tmp/dav.lock"
<VirtualHost *:80>
ServerName git.etk.private
DocumentRoot /srv/git
ScriptAlias / /usr/lib/git-core/git-http-backend/
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GIT_PROJECT_ROOT /srv/git
SetEnv GIT_SSL_NO_VERIFY 1
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /srv/git/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$
/srv/git/$1
CustomLog /var/log/apache2/git.etk.private-access.log common
ErrorLog /var/log/apache2/git.etk.private-error.log
<Directory /srv/git>
AllowOverride None
Options +ExecCGI -Includes
Order allow,deny
Allow from all
</Directory>
<Location />
AuthType Basic
AuthName "Git"
Require valid-user
AuthBasicProvider wsgi
WSGIAuthUserScript /srv/git/auth.wsgi
</Location>
</VirtualHost>
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/modwsgi?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
