[svnbook] r5738 committed - branches/1.8/zh/book/ ch06-server-configuration.xml
wuzhouhui at users.sourceforge.net
wuzhouhui at users.sourceforge.net
Fri Aug 3 23:24:48 CDT 2018
Revision: 5738
http://sourceforge.net/p/svnbook/source/5738
Author: wuzhouhui
Date: 2018-08-04 04:24:46 +0000 (Sat, 04 Aug 2018)
Log Message:
-----------
1.8/zh: translation of chapter 6 in progress
Modified Paths:
--------------
branches/1.8/zh/book/ch06-server-configuration.xml
Modified: branches/1.8/zh/book/ch06-server-configuration.xml
===================================================================
--- branches/1.8/zh/book/ch06-server-configuration.xml 2018-07-30 14:54:41 UTC (rev 5737)
+++ branches/1.8/zh/book/ch06-server-configuration.xml 2018-08-04 04:24:46 UTC (rev 5738)
@@ -4049,6 +4049,8 @@
</programlisting>
</informalexample>
+ <!-- ### TODO -->
+ <!--
<para>Sometimes you don't need to run such a tight ship. For
example, the server hosting Subversion's own source code at
<ulink url="https://svn.apache.org/repos/asf/subversion/"/> allows
@@ -4061,7 +4063,18 @@
have starting and ending tags, and you would nest them
inside your <literal><Location></literal>
block.</para>
+ -->
+ <para>有时候, 你并不需要这么绝对的设置. 比如说托管 Subversion 源代码
+ 的服务器 (<ulink
+ url="https://svn.apache.org/repos/asf/subversion/"/>) 允许所有人
+ 对仓库执行只读操作 (例如检出工作副本, 浏览仓库等), 但只允许认证
+ 用户执行写操作. 配置指令 <literal>Limit</literal> 和
+ <literal>LimitExcept</literal> 可以实现这种有选择的访问限制, 和
+ 配置指令 <literal>Location</literal> 一样, 前面两个配置指令也有开
+ 标签和闭标签, 管理员需要把它们放在 <literal><Location></literal>
+ 内部.</para>
+ <!--
<para>The parameters present on the <literal>Limit</literal>
and <literal>LimitExcept</literal> directives are HTTP
request types that are affected by that block. For example,
@@ -4073,6 +4086,15 @@
<literal>Require valid-user</literal> directive inside the
<literal><LimitExcept></literal> block instead of just
inside the <literal><Location></literal> block.</para>
+ -->
+ <para><literal>Limit</literal> 和 <literal>LimitExcept</literal>
+ 内的参数是 HTTP 请求类型, 这些请求类型将会受到这两个配置指令的
+ 影响. 比如说为了允许匿名的只读访问, 管理员需要使用配置指令
+ <literal>LimitExcept</literal> (为指令添加请求类型参数
+ <literal>GET</literal>, <literal>PROPFIND</literal>,
+ <literal>OPTIONS</literal> 和 <literal>REPORT</literal>), 还要把
+ 前面提到的配置指令 <literal>Require valid-user</literal> 写到
+ <literal><LimitExcept></literal> 内.</para>
<informalexample>
<programlisting>
@@ -4094,6 +4116,7 @@
</programlisting>
</informalexample>
+ <!--
<para>These are only a few simple examples. For more in-depth
information about Apache access control and the
<literal>Require</literal> directive, take a look at the
@@ -4100,13 +4123,23 @@
<literal>Security</literal> section of the Apache
documentation's tutorials collection at <ulink
url="http://httpd.apache.org/docs-2.0/misc/tutorials.html"/>.</para>
+ -->
+ <para>前面展示的只是一些很简单的例子, 如果想知道关于 Apache 访问控制和
+ 配置指令 <literal>Require</literal> 的更多细节, 可以参考 Apache
+ 文档的教程集合 (<ulink
+ url="http://httpd.apache.org/docs-2.0/misc/tutorials.html"/>) 中的
+ <literal>Security</literal> 部分.</para>
</sect3>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<sect3 id="svn.serverconfig.httpd.authz.perdir">
+ <!--
<title>Per-directory access control</title>
+ -->
+ <title>每个目录的访问控制</title>
+ <!--
<para>It's possible to set up finer-grained permissions using
<command>mod_authz_svn</command>. This Apache module grabs
the various opaque URLs passing from client to server, asks
@@ -4113,6 +4146,11 @@
<command>mod_dav_svn</command> to decode them, and then
possibly vetoes requests based on access policies defined in
a configuration file.</para>
+ -->
+ <para>还可以使用 Apache 模块 <command>mod_authz_svn</command> 进行
+ 更细致的权限设置, 该模块截取从客户端发往服务器的 URL, 然后请求
+ 模块 <command>mod_dav_svn</command> 对 URL 进行解码, 根据定义在
+ 配置文件里的访问策略, 可能会禁止客户端的请求.</para>
<para>If you've built Subversion from source code,
<command>mod_authz_svn</command> is automatically built
More information about the svnbook-dev
mailing list