On Wed, Oct 13, 2010 at 3:42 PM, Shaun Pinney <shaun.pin...@bil.konicaminolta.us> wrote: >> The usual issue is making sure people outside the project are >> prevented from reading the code. You might not want people in your >> project making changes on tags and branches, but there usually isn't a >> security issue if they see the code on the branches and tags. > > Our issue is handling multiple companies doing development on the same > project. Various restrictions (e.g. licensing) prevent us from sharing > all project files with everyone involved. It's a tricky use case. We > also have additional considerations which require us to control project > read access within a project even within the same company.
So, you have a branch for each company, and that's why you need specific read permissions on each branch? If that's the case, I can see why you want to restrict reading privileges on a per-branch basis. How do you handle branching and tags in that case? Do you branch branches and tags off the company branches? You'll have to get LDAP working. Otherwise you'll be spending most of your time changing the httpd configuration and bouncing the server. With LDAP, you won't have to touch the httpd configuration. A change in the LDAP security will immediately be reflected in the Subversion permissions. -- David Weintraub qazw...@gmail.com
