Ubuntu 20.04.1 LTS SVN服务器不需要身份验证

时间:2020-11-07 02:19:57

标签: apache authentication ubuntu-server ubuntu-20.04 svn-server

我尝试在家里的旧计算机上设置SVN服务器。我新安装了Ubuntu 20.04.1 LTS Server发行版,并遵循此guide。一切都运行良好,但是当我尝试通过Web浏览器(http:// local-ip-adress / svn / project)访问存储库时,无需进行身份验证即可直接访问它。

这是我的dav_svn.conf文件:

# dav_svn.conf - Example Subversion/Apache 

configuration
#
# For details and further options see the Apache user manual and
# the Subversion book.
#
# NOTE: for a setup with multiple vhosts, you will want to do this
# configuration in /etc/apache2/sites-available/*, not here.

# <Location URL> ... </Location>
# URL controls how the repository appears to the outside world.
# In this example clients access the repository as http://hostname/svn/
# Note, a literal /svn should NOT exist in your document root.
<Location /svn>

  # Uncomment this to enable the repository
  DAV svn

  # Set this to the path to your repository
  #SVNPath /var/lib/svn
  # Alternatively, use SVNParentPath if you have multiple repositories under
  # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
  # You need either SVNPath or SVNParentPath, but not both.
  SVNParentPath /var/www/svn

  # Access control is done at 3 levels: (1) Apache authentication, via
  # any of several methods.  A "Basic Auth" section is commented out
  # below.  (2) Apache <Limit> and <LimitExcept>, also commented out
  # below.  (3) mod_authz_svn is a svn-specific authorization module
  # which offers fine-grained read/write access control for paths
  # within a repository.  (The first two layers are coarse-grained; you
  # can only enable/disable access to an entire repository.)  Note that
  # mod_authz_svn is noticeably slower than the other two layers, so if
# you don't need the fine-grained control, don't configure it.

  # Basic Authentication is repository-wide.  It is not secure unless
  # you are using https.  See the 'htpasswd' command to create and
  # manage the password file - and the documentation for the
  # 'auth_basic' and 'authn_file' modules, which you will need for this
  # (enable them with 'a2enmod').
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd

  # To enable authorization via mod_authz_svn (enable that module separately):
  #<IfModule mod_authz_svn.c>
  #AuthzSVNAccessFile /etc/apache2/dav_svn.authz
  #</IfModule>

  # The following three lines allow anonymous read, but make
  # committers authenticate themselves.  It requires the 'authz_user'
  # module (enable it with 'a2enmod').
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>

</Location>

如何更改始终需要身份验证的设置?

1 个答案:

答案 0 :(得分:0)

由于 LimitExcept 标签中的“GET”,可以使用浏览器访问。删除它,您的浏览器会话将需要用户/密码。

LimitExcept PROPFIND 选项报告

相关问题
最新问题