<div dir="ltr">To use modwsgi you will need a line in your virtualhost like<br>WSGIScriptAlias /repos /my/project/apache/bzr-handler.py<br><br>then my bzr-handler.py is something like<br><br>from bzrlib.transport.http import wsgi<br> import sys<br>sys.path.append('/my/project')<br>from settings import BAZAAR_REPO_PATH<br><br>application = wsgi.make_app(<br>    root=BAZAAR_REPO_PATH,<br>    prefix='/repos/',<br>    path_var='REQUEST_URI',<br>     readonly=False)<br><br>now you can use the bzr+http:// smart protocol to read/write bazaar, BUT the simple weblisting of your project directory won't work as it's handled to the bzr-handler as well. (You can try to solve this by adding WSGIMatch (or something like this) instead of the WSGIScriptAlias)<br> <br>so, let's make the authentication!<br><br>    <Directory /my/project/apache><br>        Order deny,allow<br>        Allow from all<br>        <br>        <Files bzr-handler.py><br>        AuthType Basic<br>            AuthName "Coosci - Repositories"<br>           Require valid-user<br>        </Files><br>    </Directory><br><br>now you should access these repos with bzr+<a href="http://username">http://username</a>@<a href="http://yourhost.com">yourhost.com</a>, and bazaar will ask for a password<br> <br>I hope this helps<br>V<br><br>2008/9/5 Lionel Dricot <span dir="ltr"><<a href="mailto:zeploum@gmail.com">zeploum@gmail.com</a>></span><br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div dir="ltr"><br><br><div class="gmail_quote"><div class="Ih2E3d">On Fri, Sep 5, 2008 at 3:56 PM, Viktor Nagy <span dir="ltr"><<a href="mailto:viktor.nagy@gmail.com" target="_blank">viktor.nagy@gmail.com</a>></span> wrote:<br> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div dir="ltr"><br><div class="gmail_quote"><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div dir="ltr">1) First use case : the LDAP centralized server.<br> <br>I want to have a centralized Bzr server for my "trunk". But it has some limitation : I want the access to be provided over http/https by Apache (like I'm doing with SVN currently). Also, the authentification is done by an LDAP server. But I still want to have per-user authorization (I'm currently doing it in a dav_svn.authz file). How can I reproduce this usecase ? I want to stress that in some of my project, confidentiality is really important so I must be able to be sure that read access is only available for a few allowed users. Also, if permissions are handled by dav, what about local users on the same filesystem ?<br> <br>Bonus point : if a user make its own branch. I understand that it can push it to the trunk if I give him the authorization. But how can I say : "It's a good branch, let's host it on the server alongside with the trunk" ?</div> </blockquote></div><div><br>You can use mod_wsgi (or if you prefer modpyhton) and bazaar for example. What I do is that I serve the bzr repo through mod_wsgi, but the wsgi handler file has an Apache auth required statement. Actually, I use Basic Auth and authenticate using a django site, but I guess LDAP should work as well.<br>   </div></div></div></blockquote></div><div><br>Thanks a lot for your answer. Could you give me more information about your configuration ? (You apache config for that would be a great help). Indeed, if you succeed with BasicAuth, there's no problem switching to LDAP.<br> <br>Also, could you explain me how you "serve" bzr over Apache ?<br><br>Thanks a lot, your information is invaluable for me !   I really thing that it's currently a great missing point in the Bzr documentation/Community : the server administrator point of view, the one who will not use bzr to develop but will provide tools for developers.<br> </div></div><br></div> </blockquote></div><br></div>