subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Julie Voce <juliev...@outlook.com>
Subject using mod rewrite
Date Thu, 29 Oct 2020 09:41:46 GMT


I have mod_dav and authz_svn set up and working fine.  A virtual host exists as below.

I have a set of documents that I want to move to a top level.  Clients are set up only to
use the subdirectories, i.e. set up as svn co https://svn.compnay.com/config.  One group of
users is using svn+ssh and I want to move them to https to leverage better access control.
 I also want to move their files in /config/compliance to /compliance.  I cannot do this at
once as it will disrupt their access.  for the time being I want to move them to https://svn.company/config/compliance
but set them up as https://svn.company.com/complaince and within apache redirect https://svn.company.com/config/complaince
to https://svn.company.com/compliance.  Then when the time is right svn move the config/compliance
to compliance and add a <Location> section in apache to replace the re-write rules and
the user will carry on almost oblibious to the change.  However I cannot get the re-write
rules to work with SVN -Dav.  The commented out re-write rules end with a https::/svn.company.com/compliance
does not exist and using Re-write rules in a <Location> section is not recommended by
apache.

Can any one suggest how I can achieve the mapping of config/compliance -> compliance?

regards



<VirtualHost *:80>

        LogLevel debug

        RequestHeader edit Destination ^https: http: early

        PassEnv DENV

        SetEnv SERVICENAME subversion

        ServerName subversion

        DocumentRoot /mnt/svn/

        CustomLog "|/usr/sbin/rotatelogs -l /var/log/service/subversion_access_log.%Y-%m-%d
86400" common

        ErrorLog "|/usr/sbin/rotatelogs -l /var/log/service/subversion_log.%Y-%m-%d 86400"

#       SVNAllowBulkUpdates Off

#       RewriteEngine On

#       RewriteRule "^/compliance/(.*)" /config/compliance/$1 [PT,L]

#       RewriteRule "^/compliance$" "/config/compliance" [PT,L]

        LogLevel alert rewrite:trace5 core:trace5 authz_svn:trace5 dav_svn:trace5 authnz_ldap_module:trace5
auth_gssapi_module:trace5


<Location "/">

        DAV svn

        SVNPath /mnt/svn/company

        AuthType GSSAPI

        AuthName "Enterprise Subversion Repositories"

    <RequireAll>

        # as we Require on the root this applies to all

        # paths below it.

        Require valid-user

    </RequireAll>

        GssapiBasicAuth On

        GssapiCredStore keytab:/etc/httpd/subversion.keytab

        GssapiNegotiateOnce On

        GssapiSignalPersistentAuth On

        GssapiLocalName on

        GssapiUseSessions On

        Session On

        SessionCookieName krb5_session path=/;httponly;secure;

</Location>


<LocationMatch "/config">

        AuthType GSSAPI

        GssapiCredStore keytab:/etc/httpd/subversion.keytab

        GssapiNegotiateOnce On

        GssapiSignalPersistentAuth On

        GssapiLocalName on

        GssapiUseSessions On

        Session On

        SessionCookieName krb5_session path=/;httponly;secure;

    <RequireAll>

           Require ldap-group-config

           Require valid-user

    </RequireAll>

</LocationMatch>


</Location>

</VirtualHost>


<

Mime
View raw message