-3

I have a subversion server with a couple people working on a certain repository. I am adding a new user but for this new user, I only want him to have access to the SVN server from a "specific IP" only.

Even better if I can limit access by IP address not only specific to a certain user but also specific to a repository, per repository, but not necessary.

I did some reading and seems there's supposed to be some "LocationMatch" thing I can edit in SVN's httpd.conf or something to add a statement about deny from any and then allow from certain IPs but that would affect "all users" I think.

I guess I can clone the repo for this new user etc but I'd rather have them all work on the same "repo" so I don't have to then mergesync commits between repos.

htfree
  • 481

2 Answers2

1

Unless the URL your user accesses is different in some way from that of other users access, there doesn't appear to be a way to block the access at the webserver / network level without impacting the other users. You are correct that configuring deny / allow would impact the website access for all users.

I did not find anything that indicates SVN supports internal network access configurations on a per user basis.

Some quick research brought up a few similar questions, and this interesting list of blacklisting options if you can find components of the individual users request to identify them https://perishablepress.com/eight-ways-to-blacklist-with-apaches-mod_rewrite/

DCLacoste
  • 21
1

I figured should confirm as accepted answer what I already solved long ago. I've been using a combination of svn_access rules and svn_auth that solves the problem and works perfectly such that when accessing from certain IP addresses access is denied while access from other IP address is allowed. This configuration is done using svn/subversion configuration files. (I am using collabnet edge subversion but I see no reason this won't work on any subversion server that uses apache to serve the files.)

htfree
  • 481