Subversion Repositories DevTools

#
#       Web server configuration for LXR root directory
#       From thr LXR Installation with restrictions to prevent all 
#       users from accessing LXR
#
#       $Id: htaccess-generic,v 1.9 2014/03/10 16:40:27 ajlittoz Exp $
#
#       Content of this file is independent of the location of
#       the LXR root directory.
#       Need for user-customization should be very limited.
#       Eventually, access to LXR root directory can be relaxed.
#       Default is very restrictive.
#
# Cannot grant Apache 2.2/2.4 implicit compatibility because Require
# directive syntax and semantics changed between releases.
# When updating 2.2 -> 2.4, uncomment 2.4 specific lines


# Enable CGI script execution and use of symlinks
Options ExecCGI FollowSymlinks

                # up to Apache 2.2
#       Order deny,allow
                # from Apache 2.4
#       No directive needed


# =================================================
#
# -----------    Access restrictions    -----------
#

# Do not allow to list directories content
# NOTE: remove - sign when debugging LXR installation so that you
#               can see what's really in the directories.
Options -Indexes

# Forbid direct access to any file in LXR root and its subdirectories
<FilesMatch ".">
                # up to Apache 2.2
#       Deny from all
                # from Apache 2.4
        Require all denied
</FilesMatch>

# But allow access to style sheets
<FilesMatch "\.css$">
                # up to Apache 2.2
#       Allow from all
                # from Apache 2.4
        Require all granted
</FilesMatch>
# and graphic files (for icons)
<FilesMatch "\.(bmp|gif|icon?|jpe?g|png|svg|tiff?)$">
                # up to Apache 2.2
#       Allow from all
                # from Apache 2.4
        Require all granted
</FilesMatch>
# VIX - Allow access to test file so that Release Manager Web Server
#       can probe for LXR access
<Files "source.test">
        Require all granted
</Files>

# =================================================
#
# ----------- LXR scripts configuration -----------
#
#
<Files ~ (search|source|ident|diff|showconfig)$>
                # up to Apache 2.2
#       Allow from all
                # from Apache 2.4
        #Require all granted
        # VIX - Limit access to Domain Users eho are also members of the
        #       svn.perdev group
        #
        #       Access granted to everybody
        <RequireAll>
                AuthLDAPBindDN "CN=ldap.buildsystem,DC=vix,DC=local"
                AuthLDAPBindPassword VixPass.2016
                AuthLDAPURL ldap://10.0.0.10:389/DC=vix,DC=local?sAMAccountName?sub?(objectClass=*)

                AuthType Basic
                AuthName "VIX Realm"
                AuthBasicProvider ldap

                AuthLDAPGroupAttributeIsDN on
                AuthLDAPGroupAttribute member
                require ldap-group CN=svn.perdev,OU=Groups,DC=vix,DC=local
        </RequireAll>
         # End VIX insert

        # *** mod_perl use ***
        <IfModule mod_perl.c>
                SetHandler perl-script

                # Configuration parameters changed between mod_perl versions:
                <IfDefine MODPERL2>
                        PerlOptions +ParseHeaders
                # Apache can dispatch execution according to 2 modes.
                # mod_perl initialization differs slightly:
                        <IfModule prefork.c>
                                PerlHandler ModPerl::RegistryPrefork
                        </IfModule>
                        <IfModule worker.c>
                                PerlHandler ModPerl::Registry
                        </IfModule>
                </IfDefine>

                <IfDefine !MODPERL2>
                        PerlSendHeader On
                        PerlHandler Apache::Registry
                </IfDefine>

        </IfModule>

        # *** CGI use ***
        <IfModule !mod_perl.c>
                SetHandler cgi-script
        </IfModule>

</Files>