Hi,
I've set up a SVN with access via apache with and without SSL. I like to
confire that anoymous users have ro-access to the svn via http and https
and authenticated users have rw-access only via https.
I've seen a few examples on the internet where this has been made by
adding SSLRequireSSL within LimitExcept.
I added the following to my svn-config
<Location /svn>
DAV svn
SVNPath /svn/svnpath
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile authfile
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
SSLRequireSSL
</LimitExcept>
</Location>
When I access the svn via https it works, but when I access it via http
it does not work an I get the following error in my log:
/var/log/apache2/error.log:
[Fri Feb 19 13:53:09 2010] [error] [client 127.0.0.1] access to
/var/www/svn failed, reason: SSL connection required
/var/log/apache2/access.log:
127.0.0.1 - - [19/Feb/2010:13:53:09 +0100] "GET /svn/ HTTP/1.0" 403 183
"-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.8)
Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"
Should this work or is it just not possible to use SSLRequireSSL within
LimitExcept?
Greetings
Tobias
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majord...@modssl.org
