In my apache config I currently have the following settings on an svn/dav folder:
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require user admin
Allow From all
<Limit GET PROPFIND OPTIONS REPORT>
Allow from env=ValidXForward
Allow from env=NoXForward
The XForward env's are calculated to determine where the request is coming from (via
the proxy etc).
So the idea is that from inside, the env= rules allow all GET/PROPFIND/OPTIONS/REPORT
requests from internal IP's with no credentials, and also from outside with valid
credentials. This works fine.
Other requests (not GET/PROPFIND/OPTIONS/REPORT) only work for user admin. The problem is
that when another user is specified, apache returns a 401 and the user gets prompted for
different credentials. I don't want this. If the user is a valid user but is not
allowed access then I want 403 to be returned and the user to get a DENIED.
Does anyone know how to make this happen?
Show replies by date