[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: AUTHENTICATION! Apache 2.x Windows 7x64. http authentication (md5) for individuals accounts

From: Loritsch, Berin <bloritsch_at_dtri.net>
Date: Mon, 25 Oct 2010 12:52:54 -0400

> -----Original Message-----
> From: Sammy Shlevskins [mailto:lolowned_at_gmail.com]
>
> It will simply give me 403:Forbidden at browser and also
> prevent me from committing changes from my workstation (Same
> reason). Why isn't it asking me to authenticate? What option
> am I missing? Please help this is driving me crazy!

This is most likely a server configuration issue. The httpd.conf file
must be configured to *REQUIRE* authentication. *=r means you have
anonymous read access. Once the server has an identity, it does not
require a second login on the same request. This is an Apache
limitation. Since authentication happens before authorization, there is
no way for the Svn Authz module to require the user to log in. The
directive that forces Apache to require a login is the following:

Require valid-user

Now, if you need anonymous browsing and you only want to require a valid
user on certain methods you will have to use a slightly fancier
configuration. The configuration is outlined here:
http://svnbook.red-bean.com/en/1.5/svn.serverconfig.httpd.html#svn.serve
rconfig.httpd.authz#svn.serverconfig.httpd.authz

To focus your attention on the specific section that allows anonymous
reads but requires authentication on writes is directly below:

<Location /svn>
  DAV svn
  SVNParentPath /var/svn

  # how to authenticate a user
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /path/to/users/file

  # For any operations other than these, require an authenticated user.
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
</Location>

The key phrase is <LimitExcept/> The HTTP methods GET, PROPFIND,
OPTIONS, and REPORT are all read accesses and are ignored by any
directives inside. All other HTTP methods like POST, PUT, DELETE,
PROPEDIT, etc. will require authentication.

Confidentiality Note: The information contained in this message, and any attachments, may contain proprietary and/or privileged material. It is intended solely for the person or entity to which it is addressed. Any review, retransmission, dissemination, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2675408

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-10-25 18:53:03 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.