AuthzSVNAccessFile without AuthUserFile?

Hi,

apache 2.0.55, SVN 1.3.0, mod_auth_kerb-5.0-rc6

I've been trying to get windows authentication going on a Linux
server, with a little success. I have installed mod-auth-kerb and it
authenticates nicely using basic authentication, but using a windows
DC to verifiy the passwords. However, now I'm trying to control
access to the repos with and authz file. With true basic
authentication I have this:

<Location /svn>
    DAV svn
    SVNParentPath /svn
    SVNListParentPath on
    SetOutputFilter DEFLATE
    AuthzSVNAccessFile /etc/svn-authz-file

    AuthType Basic
    AuthName "MTD DSP Software Subversion Repository"
    AuthUserFile /etc/svn-auth-file

    Require valid-user
</Location>

The Authz file then seems to work as expected. For Kerberos I have the
following:

<Location /svn>
    DAV svn
    SVNParentPath /svn
    SVNListParentPath on
    SetOutputFilter DEFLATE
    AuthzSVNAccessFile /etc/svn-authz-file

    AuthType Kerberos
    AuthName "MTD DSP Software Subversion Repository"
    KrbAuthRealms EXAMPLE.COM
    Krb5Keytab /opt/httpd/2.0.55/conf/server.keytab
    KrbMethodK5Passwd on
    KrbMethodK4Passwd off
    KrbVerifyKDC off

    Require valid-user
</Location>

Now, the Authz module seems not to know the username. So * wildcards
for anonymous access are working in the Authz file, but not groups or
individual users.

The authentication works fine. If I have [/] * = rw, I can read and
write all the repos correectly. It's only per-path permissions that
seem to be messed up.

Fallen at the last hurdle :-( Am I on to a loser here?

--------------------------------------------------------
# works with true basic, but not kerberos
[groups]
all = nickthompson

[/]
@all = rw
--------------------------------------------------------

Regards,

-- 
> Nick Thompson
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org