Servidor Visual Svn: Como restringir a edição pelo endereço IP especificado

2

Eu quero permitir que apenas um IPAddess específico edite (adicione, exclua, atualize ...) o meu servidor svn visual, mas todos os outros IPAddess devem ser capazes de ler ...

Eu acredito que é necessário uma mudança como essa no arquivo %VISUALSVN_SERVER%conf\httpd-custom.conf

<VirtualHost *:80>
  <Location /svn>
    # write access
    <LimitExcept GET PROPFIND OPTIONS REPORT>
      Order deny,allow
      deny from all
      Allow from XXX.XXX.XXX.XXX
    </LimitExcept>
  </Location>
</VirtualHost>

mas não conhece bem o servidor svn visual. qual é o caminho certo?

Visual SVN Server 3.2 x64 está instalado em Windows 2008 R2 Server x64

UPDATE do suporte do VisualSvn

Such feature is not available in VisualSVN Server 3.2 out-of-the-box, however we consider the possibility to implement it in future versions. [...] Generally speaking, it is possible to implement IP-based restrictions via modifying httpd-custom.conf file, however we strongly discourage to take this approach. VisualSVN Server has "SVNPathAuthz short_circuit" option enabled, which dramatically improves authorization performance. The option has a limitation, though: server configuration mustn't rely on other authorization modules such as "authz_host_module" (which is responsible for IP-based checks), otherwise you will encounter unexpected behavior with authorization. On the other hand, if you disable "short_circuit" you will definitely notice performance degradation when running authorization-intensive operations against you repositories (such as running svn log, svn checkout, 'svn export, etc or running a graphical repository browser such as the one TortoiseSVN client provides)

    
por Simone Nigro 15.12.2014 / 21:18

0 respostas