Hi, I need to authenticate the users of my network to distinguish directories of SVN with ldap_auth. The method that I used is through the <Location> tag. The following method that I use is the correct method to prevent users that isnĀ“t inside the AD group GR_INT_SVN to access the /svn location?
################ *Versions *################ Apache/2.2.9 (Win32) DAV/2 SVN/1.5.1 Windows Server 2003 Enterprise Edition mod_authnz_ldap.so: 2.2.9 **################ *httpd.conf #################### *ServerRoot "C:/Arquivos de programas/Apache Software Foundation/Apache2.2" Listen 80 LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule asis_module modules/mod_asis.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authnz_ldap_module modules/mod_authnz_ldap.so LoadModule authz_default_module modules/mod_authz_default.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule cgi_module modules/mod_cgi.so LoadModule dav_module modules/mod_dav.so LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule dir_module modules/mod_dir.so LoadModule env_module modules/mod_env.so LoadModule include_module modules/mod_include.so LoadModule isapi_module modules/mod_isapi.so LoadModule ldap_module modules/mod_ldap.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule dav_module modules/mod_dav.so LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <IfModule !mpm_netware_module> <IfModule !mpm_winnt_module> User daemon Group daemon </IfModule> </IfModule> ServerAdmin ad...@domain.com DocumentRoot "C:/Arquivos de programas/Apache Software Foundation/Apache2.2/htdocs" <Directory "C:/Arquivos de programas/Apache Software Foundation/Apache2.2/htdocs"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <IfModule dir_module> DirectoryIndex index.html </IfModule> <FilesMatch "^\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog "logs/error.log" LogLevel warn <IfModule log_config_module> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common <IfModule logio_module> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio </IfModule> CustomLog "logs/access.log" common </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "C:/Arquivos de programas/Apache Software Foundation/Apache2.2/cgi-bin/" </IfModule> <IfModule cgid_module> </IfModule> <Directory "C:/Arquivos de programas/Apache Software Foundation/Apache2.2/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> DefaultType text/plain <IfModule mime_module> TypesConfig conf/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz </IfModule> <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> *<Location "/svn"> AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthName Subversion SVNPath E:\SVN\repository0 DAV svn SVNListParentPath on SVNPathAuthz on AuthLDAPUrl "ldap:// domain.com/dc=domain,dc=com?samAccountName?sub?(&(objectClass=User)(MemberOf=CN=GR_INT_SVN,OU=Internal,OU=Acessos,dc=domain,dc=com)) " AuthLDAPBindDN "CN=SVNQueryUser,OU=QueryUsers,dc=domain,dc=com" AuthLDAPBindPassword pass require valid-user </Location> # Project 01 <Location "/svn/P01"> AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthName Subversion_P01 AuthLDAPUrl "ldap:// domain.com/dc=domain,dc=com?samAccountName?sub?(&(objectClass=User)(MemberOf=CN=GR_INT_SVN_P01,OU=Internal,OU=Acessos,dc=domain,dc=com)) " AuthLDAPBindDN "CN=SVNQueryUser,OU=QueryUsers,dc=domain,dc=com" AuthLDAPBindPassword pass </location>* <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Allow from all </Directory> ################*####################**####################* -- Att. Bruno Galindro da Costa bruno.galin...@gmail.com