[cvsnt] Re: How to contorl the access right within the ViewCVS

[Glen Starrett]

Bo Berglund wrote:
> Can you expand on the NTLM authentication a bit? If one has IIS5 or
> IIS6 as the ViewCvs webserver engine, where and how can the
> permissions be changed?

That's the way I have it set up for my production work system.  It can 
be a little tricky (or just unfriendly) because unauthorized users will 
get a blank page / bad message instead of something informative.

Assuming you have your repository set up with a CVSUsers group that has 
permission to it, you can set ViewCVS as follows:

1) Alter permissions on ViewCVS virtual directories to only allow the 
same set of users (e.g. no IUSR_machine user allowed).

2) Go into IIS console and change the security to only accept NT 
integrated authentication (or basic also, if you like).

It's a bit coarse, but it works.  That restricts non-users and still 
allows CVS users to view.  Note that TortoiseCVS doesn't like it -- it 
can't scan and find it because of the authentication required -- but if 
you manually configure your Web Log URL then it works fine (NB, I 
haven't verified that with later releases and haven't reported it as a 
bug since I didn't think about it affecting anyone but my group).

If I missed anything post the details and I can go back through my notes 
and check.

-- 
Glen Starrett