All of us love the way Drupal is open source, and the fact that we can run our own version control servers with fserver (If you want to set one up, read my post on that topic). But on commercial projects for our clients, we often don't want or are not allowed to share our code with the world. But how can we run a feature server that's not public?
Allowing only registered users to browse and download repositories isn't satisfying, as there's no way my drush make script will go through the login process on my site. There's another possibility though:
.htaccess password protection
I use Plesk, so in my case (and for any similar software as well) it was just about securing my fserver's root directory with a username and password. If you don't have that possibility, look into this tool.
How is that better from Drupal taking care of the login process? There's a login form here and there, how does that differ from each other? Well, this way you can include your login information in the URL, like this:
http://username:password@yourfserver.com/fserver/
You now just need to update the URLs to your fserver, and that's about it.
Thinking further
There's several things you could still to:
- write a module which alters the output of the URL on a project page so that you can simply copy it with the correct login information included
- implement the securesite module, which does the HTTP-login backed by Drupal's user database
- give each drupal site a custom username and password, and on the fserver site serve custom branches of modules or restrict access to others
As always, if you have questions or anything to share with us, please comment. We always appreciate it.