RE: [users@httpd] Subversion + AuthPAM with read and write groups through LimitExcept not working for me

Tue, 19 Sep 2006 15:53:03 -0700 

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of 
> Joshua Slive
> Sent: Tuesday, September 19, 2006 2:37 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Subversion + AuthPAM with read and 
> write groups through LimitExcept not working for me
> 
> On 9/19/06, Schindler, Nathan 
> <[EMAIL PROTECTED]> wrote:
> 
> > Your suggestion helps.  However, I'm noticing that "Require 
> group" is 
> > causing problems.
> 
> Exactly what happens with the require group.  You never 
> explain what you see when you use this config.
> 
> Joshua.
> 

Thanks to your help, I think I got it.  While gathering more information
for the different configs I tried in order to answer the "/exactly/ what
happens" question, I retried one, and it actually worked.
LimitExcept (read/write) needs to be before Limit (read-only), and
read/write groups need to be listed in both Limit and LimitExcept.  I
thought I had tried this, but maybe I changed something ever-so-slightly
this time.  Here's what ended up working:

#Begin Config
<Location /repos/repo1>
   DAV svn
   SVNPath /var/repos/repo1
   SVNIndexXSLT "/svnindex.xsl"
   SSLRequireSSL
   AuthType Basic
   AuthName "Authorization Realm"
   AuthPAM_Enabled on
      <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require group "domain+read write group"
      </LimitExcept>
      <Limit GET PROPFIND OPTIONS REPORT>
            Require group "domain+read only group" "domain+read write
group"
      </Limit>
</Location>
#End Config

Again, thanks very much!  This was driving me crazy. :)

-Nate
Note: The information contained in this message may be privileged and
confidential and thus protected from disclosure. If the reader of this
message is not the intended recipient, or an employee or agent responsible 
for delivering this message to the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this
communication is strictly prohibited.  If you have received this
communication in error, please notify us immediately by replying to the 
message and deleting it from your computer.  Thank you.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to