subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Levy <andy.l...@gmail.com>
Subject Re: Forcing the association of the author
Date Tue, 16 Oct 2012 00:39:25 GMT
On Mon, Oct 15, 2012 at 5:37 PM, Gautier DI FOLCO
<gautier.difolco@gmail.com> wrote:
> I have an SVN repository requestable via Apache HTTPD Server 2.2.8. I want
> to
>
> allow anyone to update or commit on it but I want a committer name. So I
> must
>
> force the clients to provide an username but I don't want to check his
> password.
>
> I try this:
>
> <Location /svn>
>         DAV svn
>         SVNParentPath /www/svn
>         AuthName "SVN Auth"
>         AuthType Basic
>         Anonymous_NoUserId off
>         Anonymous_MustGiveEmail off
>         Anonymous_VerifyEmail off
>         Anonymous_LogEmail off
>         Require valid-user
> </Location>
>
> But it fails.
>
> Have you got on idea on how to do this?

You cannot allow anonymous commits if you want to capture the
committer's name. IOW, you need to require authentication and that
requires that you prompt for a password (also, consider this: if you
don't enforce passwords, a malicious user can commit things to the
repository and impersonate someone else - do you *really* want a
complete lack of accountability?). See
http://svnbook.red-bean.com/en/1.7/svn.serverconfig.httpd.html#svn.serverconfig.httpd.authn

Mime
View raw message