[chora] Security Issues

[Mathieu Arnold]

Anil Madhavapeddy wrote:
> 
> Luis Martinez wrote:
> >
> > I have a working instalation of chora beta, which I
> > would like to be used for browsing our whole CVS tree.
> > The problem I am facing is that I cannot make a
> > per repository module (directory) authentication, since
> > I cannot find any directive in apache that manages the
> > rt=repository substrings appearing with the vars shown
> > in the URL that points to cvs.php.
> 
> Ok ... so you want authentication on a per-module basis.  How do you
> retrieve the username/passwords of people who are allowed access to a
> specific repository?  LDAP / SQL ?

I was looking at a per folder auth because I have a big repository which
is like this :
${CVSROOT}/client/project/ (mainly because I didn't wanted to have
hundreds of repositories)

so I was looking for a way to able to add auth wherever I needed to.
I was planning to work on this in august or september if my clients were
still bugging me with web cvs access.

-- 
Mathieu Arnold