用户创建完,接下来编辑一下authz (/opt/svn/data/repos/conf/authz) 里面也 有相应的模板例子
[groups] (表示群组)
boss=admin //组名=用户,用户,用户……(逗号分隔)
boys=username
……
[repos:/]
@boss=rw
@boys=r
*=
具体怎么配置就自己去查阅资料啦。r 读 w 写
(2)配置Apache
cd /usr/local/apache/
把subversion中的两个文件拷贝到./modules/
cp /usr/local/subversion/libexec/mod_authz_svn.so ./modules/
cp /usr/local/subversion/libexec/mod_dav_svn.so ./modules
接下来,编辑httpd.conf
vi ./conf/httpd.conf
首先在LoadModules的末端,加上
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
然后在配置末尾加上
<Location /repos>
DAV svn
SVNParentPath /opt/svn/data/ #SVN仓库的父目录
SVNListParentPath On
SVNAutoversioning On
SVNReposName "repos"
AuthzSVNAccessFile /opt/svn/data/repos/conf/authz #前面生成的访问控制文件
AuthType Basic
AuthName "hello,welcome to my repos!"
AuthUserFile /opt/svn/data/repos/conf/passwd #用户文件
Require valid-user
</Location>
到此整合完啦,重启一下apache
./bin/apachectl -k restart
可以用浏览器打开 输入 提示输入帐号 密码 进入。
八、配置Https
(1)首先要生成证书私钥
cd /usr/local/apache/conf/ #直接在conf目录下存放
/usr/local/openssl/bin/openssl genrsa 1024 > server.key
输出提示:
Generating RSA private key, 1024 bit long modulus
.....++++++
........++++++
e is 65537 (0x10001)
这样就生成好了 server.key 这个文件在conf中
(2)对凭证进行填写必要信息
/usr/local/openssl/bin/openssl req -new -key server.key > server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Guangdong
Locality Name (eg, city) []:Shenzhen
Organization Name (eg, company) [Internet Widgits Pty Ltd]:xxxxx
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:xxxxxxx
Email Address []:xxxxxxx
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxxxxx
An optional company name []:xxxxxxx
填好信息,生成server.csr
(3)生成证书
/usr/local/openssl/bin/openssl req -x509 -days 1024 -key server.key -in server.csr > server.crt # -days 表示有效期
(4)编辑配置文件httpd.conf httpd-ssl.conf
vi httpd.conf
将 #Include conf/extra/httpd-ssl.conf
前面的‘#’ 去掉
Include conf/extra/httpd-ssl.conf
vi ./extra/httpd-ssl.conf
加上
SSLCertificateFile "/usr/local/apache/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache/conf/server.key"
(5)强制要求通过https访问 /repos
在httpd.conf中
<Location /repos>
SSLRequireSSL
.
.
.
.
.
</Location
(6)
重启Apache,搞定。
--------------------------------------分割线 --------------------------------------
Windows下SVN服务器搭建和使用 + 客户端重新设置密码
Ubuntu Server 12.04 安装 SVN 并迁移 Virtual SVN数据
--------------------------------------分割线 --------------------------------------