From: Scott Frankel <frankel_at_circlesfx.com>
Date: Mon, 19 Aug 2013 09:07:03 -0700
I'm new to SVN server configuration and find myself setting up a CentOS 6.4 server with svn version 1.6.1, following the red-bean book.
I'm having difficulty with authorization &/or authentication: my repo appears to be accessible by anyone in spite of requiring "valid-user" and specifying digest authentication. I believe this because 1) I can download a full working copy of the repo to a 3rd-party logged into a foreign computer, and 2) I have dozens of entries in apache's logfiles, like these from this morning, *prior* to any known/legitimate access to my repos today:
This doesn't look good at all. My Location directive follows below. The /etc/svn-auth.htdigest exists and appears to be valid. My goal is to setup the repo, serve it via Apache, provide access to only a small number of people that I approve, use cmd-line svn and do so securely.
This is my first brush with Apache, OpenSSL, and general server config. Thanks in advance for your suggestions! BTW, I'm not subscribed and would appreciate being cc'd on any replies.
# Authentication: Digest
# Authorization: Authenticated users only
This is an archived mail posted to the Subversion Users mailing list.