Tim Holloway wrote:What's the format of your svn-auth-file? It needs to have been created by the htpasswd utility - it's an Apache authorization file.
The svn docs go into a lot of detail on authorization, but that's for the standalone Subversion server and not Apache. Which can be confusing. Use Apache's security documentation, not Subversion's.
Tim Holloway wrote:That looks pretty incomplete. And probably you need "C:\", not "C:/" in Apache.
Here's a setup I use. It's a bit extreme, since I use LDAP as my authenticator, but the same basic setup also works with things like .htaccess control:
Tim Holloway wrote:
Peter Johnson wrote:Sounds like you are still running the Subversion server - make sure it is not running.
concurrence. There's little need to run the Subversion server if you're using Apache to interface with svn.
Also, if you ever decide you need to run the subversion server, it has its own security system, as outlined in the subversion redbean book.
Tim Holloway wrote:SVN consists of several components, frequently all bundled as a unit.
There's the admin SVN utilities, which set up the archive filesystem structure and maintain the archives.
There's the svn server, which can run either via the Unix superserver (inet) or as a stand-alone daemon.
There's the svn user client utilities, which all users to check projects in and out and commit changes, etc. These utilities can operate against a local archive on a time-shared system (not very common these days), via the svn server, or via HTTP/DAV.
Not generally part of the package:
There's also mod_dav, which is a plugin for the Apache webserver. It allows users to use DAV to talk to Subversion. Other servers such as IIS may have their own plug-ins for the same purpose.
When they do that, the subversion security files are not referenced. Mod_dav uses Apache's security system, so access is controlled as part of the general web access control mechanisms such as the ".htaccess" files and the settings in Apache's httpd.conf files. Which may reference security plugins. Mine uses the LDAP plugin, for example.
Tim Holloway wrote:Yup. Their documentation isn't precise enough. The svn authentication files are for use with the SVN server. When you're using Apache/DAV as the interface, you set up Apache security, instead.
David Newton wrote:Manage it how?