subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Hauffe <>
Subject Apache SVN module and LUA authentification hook
Date Fri, 05 Jan 2018 15:00:32 GMT
Hello community,

I have an Apache 2.4 which shall deliver SVN repos by the http-Protocol. I'm experienced with
standard Basic Authentification and path-based authorization for the Subversion repo.

In my new application, the authentication will be done by a LUA-script using the directive
"LuaHookCheckUserID". Generally, the LUA script works as expected (used this documentation<>).

Unfortunately it seems, that the authorization file (Subversion Accessfile) is not read out
correctly. I see an empty repo with my (authorized) user.

>From the logfile (Debug/Error) I see, that LUA granted my user. But also a "Access denied"
message on a SVN file path:

[lua:debug] [pid 6872:tid ] @/path/to/hook.lua(29): [client ip] Accepted user myuser
[authz_svn:info] [pid 6872:tid ] [client ip] Access granted: 'myuser' GET (null)
[authz_svn:debug] [pid 6872:tid ] subversion/mod_authz_svn/mod_authz_svn.c(450): [client ip]
Path to authz file is /path/to/accessfile
[authz_svn:info] [pid 6872:tid ] [client ip] Access denied: - GET repo002:/file.txt

My simplest working LUA-Scripts goes here:

require 'apache2'
function authcheck_hook(r)
    r.user = "myuser"
    r:debug("Accepted user " .. r.user)
    return apache2.OK

This is the configuration for the Repo:
<Location /svn/repo002>
    DAV svn
    SVNPath "/path/to/repo002"

    AuthzSVNAccessFile "/path/to/accessfile"

    Require valid-user
    LuaHookCheckUserID "/path/to/hook.lua" authcheck_hook

I have a basic-auth secured repo with the same accessfile nearby and it works correctly.

Question: How can I give the "authz_svn" module my username from LUA? I think this is the

Thanks and Kind Regards,
Stefan Hauffe

View raw message