Secure Subversion on the XAMPP Apache Server

Windows Development 2 Comments

To secure subversion, we just need to create a password file and configure apache to use it for subversion repository access.

  1. Open up the apache config file “C:\xampp\apache\conf\httpd.conf”. At the end, look for the subversion repository URL location and add the additional text below, starting with “AuthType”:
    <Location /repos>
        DAV svn
        SVNPath c:/svn_repos

        AuthType Basic
        AuthName "Subversion Repository"
        AuthUserFile conf/svn-password.pass
        Require valid-user
    </Location>
  2. Create the “svn-password.pass” file by launching the “Start->All Programs->Accessories->command Prompt” and running these commands:
    c:\xampp\apache\bin\htpasswd.exe -cm c:\xampp\apache\conf\svn-password.pass username1
    c:\xampp\apache\bin\htpasswd.exe -m c:\xampp\apache\conf\svn-password.pass username2
    c:\xampp\apache\bin\htpasswd.exe -m c:\xampp\apache\conf\svn-password.pass username3

    You will be prompted to input the password for each user. I’m suggesting that the full path to htpasswd.exe be used because other programs (such as PUTTY) may have incompatible versions.

  3. Restart the Apache server.
  4. Browse to http://localhost/repos/ and you will be asked to input a username and password.

Additionally, we can create an authorization file to assign permissions to users or groups of users.

  1. Open up the apache config file “C:\xampp\apache\conf\httpd.conf”. At the end, look for the subversion repository URL location and add the additional line called “AuthzSVNAccessFile”:
    <Location /repos>
        DAV svn
        SVNPath c:/svn_repos
       
        AuthType Basic
        AuthName "Subversion Repository"
        AuthUserFile conf/svn-password.pass
        AuthzSVNAccessFile conf/svn-authz.conf
        Require valid-user
    </Location>
  2. Create the “c:\xampp\apache\conf\svn-authz.pass” file. Here is some example content:
    [groups]
    devteam = username1,username2
    qateam = username3,username4,username5

    [/]
    @devteam = rw
    username6 = r

    [/project1]
    @devteam = rw
    @qateam = r
    username7 = rw
  3. Restart the Apache server.
  4. Browse to http://localhost/repos/ and you will be prompted to input a username and password.
  5. When using the subversion command line, you can use the –username flag to pass in your username the first time:
    svn --username username1 co http://localhost/repos/myproject

The info above was derived from How to Setup Subversion + Apache + WebSVN.

2 Comments