(When authorization is required, Apache requires authentication as well.) What's missing here, however, are directives that tell Apache DAV svn SVNParent Path /var/svn # Authentication: Basic Auth Name "Subversion repository" Auth Type Basic Auth Basic Provider file Auth User File /etc/svn-auth.htpasswd # Authorization: Authenticated users only Require valid-user Digest authentication is an improvement on Basic authentication which allows the server to verify a client's identity without sending the password over the network unprotected.
Both client and server create a non-reversible MD5 hash of the username, password, requested URI, and a (number used once) provided by the server and changed each time authentication is required.
If you are not already familiar with Apache's logging subsystem, you should become aware of it.
In your and Subversion from source code or by installing prebuilt binary packages of them on your system.
(In a moment, we'll discuss the format of that file.) Apache is flexible, so you have the option to configure your block in one of three general patterns.
Configuring Apache to use Digest authentication is straightforward.See the section called “Protecting network traffic with SSL” for how to configure your server to support SSL encryption, which can provide that extra layer of protection.$ ### First time: use -c to create the file $ ### Use -m to use MD5 encryption of the password, which is more secure $ htpasswd -c -m /etc/svn-auth.htpasswd harry New password: ***** Re-type new password: ***** Adding password for user harry $ htpasswd -m /etc/svn-auth.htpasswd sally New password: ******* Re-type new password: ******* Adding password for user sally $ authorization were required, it should challenge the Subversion client for a username and password.For the most up-to-date information on how to compile Subversion for use with the Apache HTTP Server, as well as how to compile and configure Apache itself for this purpose, see the subdirectory.Depending on how Subversion was installed on your system, you might need to specify a different path for this library altogether, perhaps even an absolute path such as in the following example: directive is to instruct Apache to do something special when handling requests that are directed at a given URL or one of its children.