At this point, you’ve configured authentication, but not authorization. Apache is able to challenge clients and confirm identities, but it has not been told how to allow or restrict access to the clients bearing those identities. This section describes two strategies for controlling access to your repositories.
The simplest form of access control is to authorize certain users for either read-only access to a repository or read/write access to a repository.
You can restrict access on all repository operations by adding
Require valid-user directive
<Location> block. Using our previous example, this would mean that only
clients that claimed to be either
sally and that provided the correct password
for their respective username would be allowed to do anything with the
<Location /svn> DAV svn SVNParentPath /var/svn # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /path/to/users/file # only authenticated users may access the repository Require valid-user </Location>
Sometimes you don’t need to run such a tight ship. For example, Subversion’s own source code repository at http://svn.collab.net/repos/svn allows anyone in the world to perform read-only repository tasks (such as checking out working copies and browsing the repository with a web browser), but it restricts all write operations to authenticated users. To do this type of selective restriction, you can ...