-1

I am using SVN via apache2. I have Ubuntu as OS. Below are my configurations:

<Location /svn>
  DAV svn
  SVNParentPath /var/lib/svn

  # I have tried basic as well
  AuthName "Subversion repository"
  AuthType Digest
  AuthUserFile /etc/dav_svn.passwd

<IfModule mod_authz_svn.c>
    AuthzSVNAccessFile /etc/apache2/svn_access_control
</IfModule>

  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
</Location>

Is there a way to allow only registered users to view/checkout svn? I don't want anonymous users to access.

I can still access the SVN via browser and SVN client. I tried to remove the tag "<LimitExcept GET PROPFIND OPTIONS REPORT>" but then Apache gives "Internal Server Error". 

[Tue Oct 29 15:06:16 2013] [crit] [client [IP]] configuration error:  couldn't check user.  Check your authn provider!: /svn/repo1/, referer: http://[IP]

I am totally novice to Linux :(

Thanks

user62648
  • 123
  • 1
  • 6
  • What does error.log say? – Nathan C Oct 29 '13 at 18:54
  • There is nothing in the log file. I looked at this file "/var/log/apache2/access.log" – user62648 Oct 29 '13 at 19:07
  • So there's no `error.log` in that same folder? There should be if it's tossing internal errors...access.log won't help. – Nathan C Oct 29 '13 at 19:10
  • Sorry, I didn't know about this file. yes it is there. It says: [Tue Oct 29 15:06:16 2013] [crit] [client [IP]] configuration error: couldn't check user. Check your authn provider!: /svn/repo1/, referer: http://[IP] – user62648 Oct 29 '13 at 19:22

1 Answers1

1

You're missing the digest module.

Find this line in your apache2.conf (or httpd.conf) and uncomment:

LoadModule auth_digest_module modules/mod_auth_digest.so

If you can't find it, add it to the existing list of LoadModule lines.

Nathan C
  • 15,059
  • 4
  • 43
  • 62
  • I couldn't find digest so I made the mode to "basic". It is working now. Weird :p Thanks for the help :) Is basic mode secure? – user62648 Oct 29 '13 at 20:39
  • 2
    Basic/digest mode are both insecure over http since the password is transmitted in plaintext. The only difference is how the passwords are generated (`htpasswd` versus `htdigest`). – Nathan C Oct 30 '13 at 11:00