0

I have a SVN repository stored on an Apache server.

Authentification was done through SSPI, and I'm trying to move this to more basic stuff (having a local list of user/password).

My httpd.conf:

LoadModule sspi_auth_module modules/mod_auth_sspi.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so

... 

<Location /svn_toto>

  DAV svn
  SVNParentPath D:\web_server\svn_repositories_test
  AuthzSVNAccessFile D:\web_server\svn_repositories_test\svnaccessfile.txt
  #Satisfy Any
  Require valid-user
  AuthType Basic
  AuthName "Subversion Repository toto"
  AuthUserFile D:\web_server\svn_repositories_test\users.txt

  SVNIndexXSLT "/svnindex.xsl"

</Location>

My users.txt:

[users]
super = super
jean = jean

My svnaccessfile.txt:

[groups]
admin = super

[/]
@admin = rw

[cloisonnement:/]
jean = rw
super = rw

[cloisonnement:/trunk]
jean = rw
super = rw

Now, from a client machine, I try:

svn ls https://servername/svn_toto/cloisonnement/trunk --username super --password super

And this fails and asks me password:

Authentication realm: <https://servername:443> Subversion Repository toto
Username: super
Password for 'super': *****
Authentication realm: <https://servername:443> Subversion Repository toto
Username: super
Password for 'super': *****
svn: E215004: Unable to connect to a repository at URL 'https://servername/svn_toto/cloisonnement/trunk'
svn: E215004: No more credentials or we tried too many times.
Authentication failed

What am I doing wrong?

jpo38
  • 111
  • 6

1 Answers1

0

Main problem:

AuthUserFile for Basic Apache authentication must be not plain-text file in format user = password, but in special form, prepared by htpasswd.

Your current users.txt is usable only for svnserve-based repositories, svn:// protocol, not http(s)://. As result, Apache was not able to find user super (any user really) and authenticate it

Minor glitch:

Access-rights in AuthzSVNAccessFile are inherited from parent node to childs, thus: if you have

[/]
@admin = rw

you can do not clone this rule for single repository below root-node and for path inside noted repository

EEAA
  • 109,363
  • 18
  • 175
  • 245
Lazy Badger
  • 3,137
  • 15
  • 13
  • 4
    Accepting answer because it is correct but not voting up because comments are rude. There is really no need to be offensive like that...at least that's how it works on SO, but I'm new on SU, thought it was working with the same philosophy. If I knew how it worked, I would not ask.... – jpo38 Dec 21 '15 at 16:12
  • An example of how to correctly answer questions without being offensive: http://stackoverflow.com/a/34397764/3336423 – jpo38 Dec 21 '15 at 16:14