Score:0

Allow anonymous readonly access to a Subversion repository

cn flag

I'm using Subversion 1.13.0 in Ubuntu 20.04, and Apache 2.4.41 to serve SVN over HTTPS.

Authentication is done with a passwd file, the main /svn folder fails with 401 if user isn't authenticated.

But now I need to create a repository whose files need to be accessed anonymously. Commit still need to require authentication.

Is it possible to set only this repository to be readable without authentication?

TonyB avatar
za flag
Assuming you are using mod_dav_svn in Apache to serve Subversion, then configuration is handled by Apache, and if so, then yes it is possible. I suggest you read the [Subversion Redbook online](https://svnbook.red-bean.com/en/1.7/svn-book.pdf). Page 188 begins a section "httpd, the Apache HTTP Server", which goes into depth about configuring Apache to handle an SVN repository.
cn flag
Thanks a lot, I'm reading it now. If I have any question I'm gonna update it here.
cn flag
I had read it but still don't get how to do it, I'm gonna ask on Ubuntu forum where we have more space to talk. If u place an answer I can mark it as answered.
Score:0
za flag

Assuming you are using mod_dav_svn in Apache to serve Subversion, then configuration is handled by Apache, and if so, then yes it is possible. I suggest you read the Subversion Redbook online. Page 188 begins a section "httpd, the Apache HTTP Server", which goes into depth about configuring Apache to handle an SVN repository.

Specifically, you'll be modifying the apache configuration file, httpd.conf, using the Limit or or LimitExcept directives. One of the examples they give (on page 194) is:

  <Location /svn>
  DAV svn

  SVNParentPath /var/svn

  # Authentication: Digest
  AuthName "Subversion repository"
  AuthType Digest
  AuthUserFile /etc/svn-auth.htdigest
  # Authorization: Authenticated users only for non-read-only
  #                (write) operations; allow anonymous reads
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
</Location>

This example allows anyone to perform HTTP GET, PROPFIND, OPTIONS, and REPORT methods, but requires them to be an authenticated user to perform any other HTTP methods (such as PUT and PROPPATCH).

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.