As a git lover on Windows platform I am always searching for a way to set up a Windows git server. A perfect way is indeed SSH but setting it up on Windows is a really hard task. In addition to it I never succeeded to setup authorization with it. A user could access all git repositories once he has correct user/password.
One of my favorite git servers in Windows is GitAspx. It is over simple HTTP and it has not very secured. It is also a bit slower than native git. But with all disadvantages it is very easy, handy and simple to install. GitAspx can be secured with IIS Basic Authentication. But by default has no obvious authorization. It’s a long time that I’m searching for a way to define authorization on GitAspx. Fortunately I have found a way for it inspiring from a question in SO.
The solution is based on URL authorization in IIS 7.5. GitAspx has not physical folder for each git repo so you can not add a web.config to each folder and set authorization there. Here I used location node in web.config to allow/deny access to different git repositories. This is a sample web.config: