The result is a standardized, robust system that is conveniently packaged as part of the Apache 2.0 software, supported by numerous operating systems and third-party products, and doesn't require network administrators to open up yet another custom port., it's also a bit more difficult to set up. Much of the following discussion includes references to Apache configuration directives.
While some examples are given of the use of these directives, describing them in full is outside the scope of this chapter.
Certificate information: - Hostname: wikisrv - Valid: (サーバ証明書の有効期間) - Issuer: (サーバ証明書に登録されている内容) - Fingerprint: (サーバ証明書に登録されている内容) (R)eject, accept (t)emporarily or accept (p)ermanently?
This protocol takes the ubiquitous HTTP protocol that is the core of the World Wide Web, and adds writing—specifically, versioned writing—capabilities.
These items have already been configured with a set of permissions that allows them to work with Apache, or more appropriately, that allows Apache to work with those files.
Just be aware that permission-related problems are perhaps the most common oversight when configuring a Subversion repository for use with Apache.
New password: ***** Re-type new password: ***** $ htdigest /etc/svn-auth.htdigest "Subversion repository" sally Adding user sally in realm Subversion repository New password: ******* Re-type new password: ******* $ At this point, you've configured authentication, but not authorization.
Apache is able to challenge clients and confirm identities, but it has not been told how to allow or restrict access to the clients bearing those identities.
$ ### First time: use -c to create the file $ ### Use -m to use MD5 encryption of the password, which is more secure $ htpasswd -c -m /etc/svn-auth.htpasswd harry New password: ***** Re-type new password: ***** Adding password for user harry $ htpasswd -m /etc/svn-auth.htpasswd sally New password: ******* Re-type new password: ******* Adding password for user sally $ authorization were required, it should challenge the Subversion client for a username and password.
(When authorization is required, Apache requires authentication as well.) What's missing here, however, are directives that tell Apache DAV svn SVNParent Path /var/svn # Authentication: Basic Auth Name "Subversion repository" Auth Type Basic Auth Basic Provider file Auth User File /etc/svn-auth.htpasswd # Authorization: Authenticated users only Require valid-user Digest authentication is an improvement on Basic authentication which allows the server to verify a client's identity without sending the password over the network unprotected.