Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

procmail + change subject, w2ksp4.exe download, /proc/kallsyms format, sqldatasource dal, wwwxxxenden, convert raid5 to raid 10 mdadm, apache force chunked, nrao wwwxxx, xxxxxdup, procmail change subject header

Links

XODOX
Impressum

#1: SSLRequireSSL within LimitExcept

Posted on 2010-02-19 15:00:40 by Tobias Hensel

Hi,

I've set up a SVN with access via apache with and without SSL. I like to
confire that anoymous users have ro-access to the svn via http and https
and authenticated users have rw-access only via https.
I've seen a few examples on the internet where this has been made by
adding SSLRequireSSL within LimitExcept.
I added the following to my svn-config

<Location /svn>
DAV svn
SVNPath /svn/svnpath
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile authfile
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
SSLRequireSSL
</LimitExcept>
</Location>

When I access the svn via https it works, but when I access it via http
it does not work an I get the following error in my log:

/var/log/apache2/error.log:
[Fri Feb 19 13:53:09 2010] [error] [client 127.0.0.1] access to
/var/www/svn failed, reason: SSL connection required

/var/log/apache2/access.log:
127.0.0.1 - - [19/Feb/2010:13:53:09 +0100] "GET /svn/ HTTP/1.0" 403 183
"-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.8)
Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"

Should this work or is it just not possible to use SSLRequireSSL within
LimitExcept?

Greetings

Tobias
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message