I found a number of similar reports in the archives, but no definitive
answers. When checking out from a repo that does not allow anonymous read
access ("* = "), I get the following error at the client:
svn: REPORT request failed on '/svn/myproject/!svn/vcc/default'
svn: Not authorized to open root of edit operation
The Apache error log shows:
A failure occurred while driving the update report editor [500, #220000]
Not authorized to open root of edit operation [500, #220000]
Adding "*=r" to the repo entry in the authz file allows this to succeed
fine. This leads me to suspect that the svn client is attempting to do
"something" anonymously, before authenticating.
Some detail:
Client: Ubuntu Gutsy, using the stock subversion (1.4.4dfsg1-1ubuntu3)
package.
Server: Debian Etch, using the stock libapache2-svn (1.4.2dfsg1-2) package.
Authentication: libapache2-mod-auth-kerb (5.3-1) package, using negotiate
(not simple passwd!)
Relevant Apache configuration block:
SSLCertificateFile /etc/apache2/certificate.pem
SSLCertificateKeyFile /etc/apache2/certificate.pem
SSLEngine on
<Location /svn/>
AuthType Kerberos
KrbMethodNegotiate on
KrbMethodK5Passwd off
KrbVerifyKDC on
Krb5Keytab /etc/apache2/HTTP.keytab
Satisfy Any
require valid-user
DAV svn
SVNParentPath /srv/svn
SVNListParentPath on
AuthzSVNAccessFile /srv/svn/authz
</Location>
Relevant snippet from authz file:
[myproject:/]
myuser = rw
* =
This repository must not be anonymously accessible, so setting "*=r" is not
an option. Does anyone have any insight to the cause of my problem?
Thank you,
-Matt
--
matt_at_forsetti.com
Key ID:D6EEC5B5
Received on 2008-02-28 16:30:30 CET