Apache module authz commands are not additive

XMLWordPrintable

      I would like to restrict default access to one set of groups, but allow access to some sub-trees to other groups. However this does not seem to be possible. My test config is this:

              <Location /svn>
                DAV svn
                SVNPath /opt/repository

                AuthType Basic
                AuthName "Atlassian Subversion Repository"

                PerlAuthenHandler Apache::CrowdAuth
                PerlSetVar CrowdAppName svn-repo-test
                PerlSetVar CrowdAppPassword xxxx
                PerlSetVar CrowdSOAPURL https://extranet.atlassian.com/crowd/services/SecurityServer
                PerlSetVar CrowdCacheEnabled on
                PerlSetVar CrowdCacheLocation /tmp/CrowdAuth-private
                PerlSetVar CrowdCacheExpiry 30

                PerlAuthzHandler Apache::CrowdAuthz
                PerlSetVar CrowdAllowedGroups atlassian-xplatform

                Require valid-user

        </Location>

        <Location /svn/sysadmin>
                PerlAuthzHandler Apache::CrowdAuthz
                PerlSetVar CrowdAllowedGroups atlassian-sysadmin
                PerlSetVar CrowdAllowedUsers ssmith
        </Location>

      In this configuration neither the atlassian-sysadmin or ssmith can access the sysadmin subtree.

            Assignee:
            Adrian Hempel [Atlassian]
            Reporter:
            Steve Smith (Inactive)
            Votes:
            3 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: