Accessing Subversion over http

Hello,
I have configured apache and subversion. I am able to access subversion over http as intended like this:
http://localhost/svn/webapprnd

And this is the only way that I would like other users to access the repository. ie, I would like to limit user to access repository through http so that I can setup authentication for security.
But I am still able to access the repository with svn as follows:
svn://localhost/webapprnd and because of this my apache security is bypassed. How can I configure so that accessing with svn is prohibited?

Thank you.

You haven't provided sufficient context. Using a "svn:" URL in my browser simply results in a message that the browser doesn't understand the "svn" protocol. If you mean using the "svn:" protocol on a command-line SVN request, just don't run the SVN server - which also means don't have SVN set up to come up in the superserver ([x]inetd) if you have one.

You don't need the SVN server when using WebDAV to access a subversion archive.

Sounds like you are still running the Subversion server - make sure it is not running.

Peter Johnson wrote:Sounds like you are still running the Subversion server - make sure it is not running.

concurrence. There's little need to run the Subversion server if you're using Apache to interface with svn.

Also, if you ever decide you need to run the subversion server, it has its own security system, as outlined in the subversion redbean book.

Tim Holloway wrote:

Peter Johnson wrote:Sounds like you are still running the Subversion server - make sure it is not running.

concurrence. There's little need to run the Subversion server if you're using Apache to interface with svn.

Also, if you ever decide you need to run the subversion server, it has its own security system, as outlined in the subversion redbean book.

That was it. Both of them were running!
Thank you Gentlemen!

Gentlemen,
While my subversion installation was working, I uninstalled subversion with apache embeded in it and reinstalled it clean. Everything works fine except accessing it over http which gives me the following error which left me without clue:
You don't have permission to access /svn/ on this server

I have the followings turned on in httpd.conf:
LoadModule dav_module modules/mod_dav.so LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so


Here is my Location in httpd.conf
<Location /svn/> DAV svn SVNListParentPath on SVNParentPath C:/svn_repository AuthName "Subversion repository" </Location>

I can access my repository over svn protocol without any problem as shown below:
C:\>svn ls svn://localhost testproject/

Any idea as to what I am missing here as far as configuration is concerned or something else?

Thank you.
T

That looks pretty incomplete. And probably you need "C:\", not "C:/" in Apache.

Here's a setup I use. It's a bit extreme, since I use LDAP as my authenticator, but the same basic setup also works with things like .htaccess control:
<Location /svn> DAV svn SVNPath /usr/local/SVNArchive AuthType Basic AuthName "MTSDraw Subversion Repository" order allow,deny allow from all SSLRequireSSL AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL "ldap://ldap.mousetech.com/dc=mousetech,dc=com?uid?sub?" NONE Require ldap-group cn=svnusers,ou=groups Require valid-user </Location>

Tim Holloway wrote:That looks pretty incomplete. And probably you need "C:\", not "C:/" in Apache.

Here's a setup I use. It's a bit extreme, since I use LDAP as my authenticator, but the same basic setup also works with things like .htaccess control:
<Location /svn> DAV svn SVNPath /usr/local/SVNArchive AuthType Basic AuthName "MTSDraw Subversion Repository" order allow,deny allow from all SSLRequireSSL AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL "ldap://ldap.mousetech.com/dc=mousetech,dc=com?uid?sub?" NONE Require ldap-group cn=svnusers,ou=groups Require valid-user </Location>

Now I have this:
<Location /svn> DAV svn SVNParentPath C:\svn_repository AuthName "Subversion repository" order allow,deny allow from all AuthType Basic AuthUserFile C:\Subversion\httpd\conf\svn-auth-file Require valid-user </Location>

As expected, an authenication box pops up. Once I enter userid and password, I still get the same error:
Forbidden You don't have permission to access /svn on this server.

What's the format of your svn-auth-file? It needs to have been created by the htpasswd utility - it's an Apache authorization file.

The svn docs go into a lot of detail on authorization, but that's for the standalone Subversion server and not Apache. Which can be confusing. Use Apache's security documentation, not Subversion's.

Tim Holloway wrote:What's the format of your svn-auth-file? It needs to have been created by the htpasswd utility - it's an Apache authorization file.

The svn docs go into a lot of detail on authorization, but that's for the standalone Subversion server and not Apache. Which can be confusing. Use Apache's security documentation, not Subversion's.

Here's how I created it:
C:\Subversion\httpd\bin>htpasswd -cm ..\conf\svn-auth-file trai New password: ***** Re-type new password: ***** Adding password for user trai

Since its encrypted, it looks like trai:$apr1$quKOnClC$X.SuJqs7.mEyyXiHqQoBv.