Good idea. Here is the config. :-)
== svnserve.conf == [general] anon-access = none auth-access = write realm = MyDomain authz-db = authzfile [sasl] use-sasl=true == authzfile (stripped all groups that "mk" is not member of) == [aliases] mk = CN=Markus Karg,OU=Lokale-Benutzer,DC=MyDomain,DC=local [groups] the.developers = &mk [/] @the.developers = rw There is another strange thing: As soon as I use the ambersand ("&mk") instead of simply "mk", it does *always* say Access Denied (while it works well but only denis *some* paths when using "mk" without the ambersand). This is weird, as "mk" is not a user but an alias...!? It is totally strange. For me it looks like a rather big bug in svnserve...! Thanks! -Markus -----Ursprüngliche Nachricht----- Von: Daniel Shahaf [mailto:d...@daniel.shahaf.name] Gesendet: Montag, 26. November 2012 15:52 An: Jan Keirse Cc: Markus Karg; users@subversion.apache.org Betreff: Re: Path-based authorization buggy when using SASL-LDAP Jan Keirse wrote on Mon, Nov 26, 2012 at 09:42:53 +0100: > On Mon, Nov 26, 2012 at 9:28 AM, Markus Karg <k...@quipsy.de> wrote: > > > I am using aliases (as typical with LDAP), so the cause you > > described should not happen. Also, everything is lower case (alias > > names, group names, etc.). And I do not have any relation between > > the rules‘ paths and the failing paths, as I said initially.**** > > > > ** > > > > Okay, than you have another problem. > FWIW: I would suggest to post a minimal httpd.conf + svn authz file with which the problem was successfully reproduced. > > > ** > > > > Also, I did not find a documentation on „force-username-case“. Can > > you point me to a description on the web? J > > > > 11 Oct 2010: > http://mail-archives.apache.org/mod_mbox/subversion-commits/201010.mbo > x/%3c20101011192637.0d3772388...@eris.apache.org%3E > > So it was introduced after 1.6.12 was released (21 Jun 2010). It is a new feature so it would have first appeared in a minor release --- hence, it was added in 1.7.0