Comments Blog About Development Research Sites

Creating an anymous-read DAV SVN repository

Oct 7, 2009
While not strictly considered programming, source- and versioncontrol is something every programmer should be familiar with. While not per se at the serverside, clientwise most common forms of sourcecontrol should be well known - including GiT, CVS and SVN.

My personal favourite is SVN - easy to setup, easy to use, and almost always available on linux based systems. There exists a very excelent mod for Apache, mod_dav_svn, which allows you to turn an Apache webserver into an SVN server with a simple module and a few directives.

While it is possible to implement very advanced account restrictions, most people require only some simple user control to prevent everyone from reading or committing to their repository. In your host / directory configuration, this is easily achieved:

# how to authenticate a user
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /path/to/users/file

# only authenticated users may access the repository
Require valid-user


However, you may wish to do something a tad bit more advanced: allow anyone to read from the repository, but only certified individuals to commit. Now there are many solutions for just this (most writing shell scripts as hooks into the SVN server directly), but the easiest I found and want to share is a simple useage of Apache's LimitExcept directive like this:


# For any operations other than these, require an authenticated user.
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>


This allows anyone to perform GET, PROPFIND, OPTIONS and REPORT commands (required to do a checkout or update of the repository) but restricts access to all other commands to valid users. Spiffy!

For a more complete guide on all this, please see this page in the SVN book.

FragFrog out!

New comment

Your name:
Comment: