I have git setup with my Apache2 server and it serves git request just fine. Now I want to setup Basic Authentication for this, so not everybody can use every directory. My goal is that only the ADMIN group has access to the complete `/var/www/html/git` directory and my GITGROUP can access *only* `/var/www/html/git/subdir` directories. However, while Apache is asking for credentials, with the setup (below) GITGROUP is still allowed to access *all* git directories. What am I doing wrong?
|SetEnv GIT_PROJECT_ROOT /var/www/html/git SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /git/ /usr/lib/git-core/git-http-backend/ <Directory /usr/lib/git-core> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/apache2/.htpasswd" AuthGroupFile "/etc/apache2/groups" Require group ADMIN GITGROUP Order allow,deny Allow from all </Directory> <Directory /var/www/html/git> AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/apache2/.htpasswd" AuthGroupFile "/etc/apache2/groups" Require group ADMIN Options -Indexes Order allow,deny Allow from all </Directory> <Directory /var/www/html/git/subdir> AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/apache2/.htpasswd" AuthGroupFile "/etc/apache2/groups" Require group ADMIN GITGROUP Options -Indexes Order allow,deny Allow from all </Directory>|
