[SAC] Complex Subversion Access Rules

Markus Neteler neteler at osgeo.org
Thu Dec 6 11:50:44 EST 2007

Frank, Howard, Chris, SAC,

thanks for your extra efforts to make this possible.
As "consumer" of the new service we are happy to
see that it was implemented very quickly.
This enables us to proceed with our migration to the
OSGeo infrastructure.

Best regards

On Dec 6, 2007 8:09 AM, Frank Warmerdam <warmerdam at pobox.com> wrote:
> Folks,
> Projects like GRASS, QGIS and OpenLayers have traditionally not had
> "flat access" to their whole subversion respositories.  In the case of
> OpenLayers, for instance, I think they have a /sandbox area with much
> broader access, and then the rest of the respository only accessable
> to core commiters.
> In the past we only allowed a single LDAP "group" for each repository
> and so we were unable to practically offer this service.  However, with
> help from Chris Schmidt, and Howard Butler I was able to put a mechanism
> into place for relatively convenient maintenance of authz files to define
> authorization rules for a repository based on LDAP groups.
> There is some extra administrative overhead for SAC in setting up these
> scenarios, but it isn't bad.  And thereafter the projects can administer
> the members of the groups themselves.  I have documented the approach at:
>    http://wiki.osgeo.org/index.php/Subversion#Authz_Rules
> Best regards,
> --
> ---------------------------------------+--------------------------------------
> I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam at pobox.com
> light and sound - activate the windows | http://pobox.com/~warmerdam
> and watch the world go round - Rush    | President OSGeo, http://osgeo.org

More information about the Sac mailing list