O'Reilly logo

Version Control with Subversion, 2nd Edition by Brian W. Fitzpatrick, Ben Collins-Sussman, C. Michael Pilato

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authentication Options

At this point, if you configured httpd.conf to contain something such as the following:

<Location /svn>
  DAV svn
  SVNParentPath /var/svn
</Location>

your repository is anonymously accessible to the world. Until you configure some authentication and authorization policies, the Subversion repositories that you make available via the Location directive will be generally accessible to everyone. In other words:

  • Anyone can use a Subversion client to check out a working copy of a repository URL (or any of its subdirectories).

  • Anyone can interactively browse the repository’s latest revision simply by pointing a web browser to the repository URL.

  • Anyone can commit to the repository.

Of course, you might have already set up a pre-commit hook script to prevent commits (see Implementing Repository Hooks). But as you read on, you’ll see that it’s also possible to use Apache’s built-in methods to restrict access in specific ways.

Setting up HTTP authentication

The easiest way to authenticate a client is via the HTTP Basic authentication mechanism, which simply uses a username and password to verify that a user is who she says she is. Apache provides an htpasswd utility for managing the list of acceptable usernames and passwords. Let’s grant commit access to Sally and Harry. First, we need to add them to the password file:

$ ### First time: use -c to create the file $ ### Use -m to use MD5 encryption of the password, which is more secure $ htpasswd -cm /etc/svn-auth-file harry New ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required