We have an SVN 1.4 repository that uses Apache 2.0 for authentication; specifically, the mod-auth-sspi module to authenticate with our Windows Domain. The relevant portion of httpd.conf looks like this:
<Location /svn>
AuthType SSPI
AuthName "My Subversion"
SSPIAuth On
SSPIAuthoritative On
SSPIDomain MYDOMAIN
SSPIFixDomainCase On
SSPIOfferBasic On
Require group MYDOMAIN\MYDOMAINGROUP
</Location>
We also have an automated build server which needs to get the source from SVN and build it. Naturally, this requires that the build server pass valid Domain credentials to SVN/Apache.
Today, we do this by using my own Domain credentials. This is not such a good idea, since something bad could happen to me or I could be on vacation when my Domain password expires -- the whole auto build process would freeze. Creating a special account on the Domain just for the auto build server is not an option at this time because I work for a huge company and the red tape to do such a thing is prohibitive.
What I'd like to do is leave the existing SSPI authentication scheme the same, but create a local account on the machine hosting SVN and have the auto build server authenticate using that local account. In other words, two different authentication paths (SSPI + a local account) for the one SVN repository.
Is that possible? How do I do it?
If you want to provide basic authentication in addition to SSPI authentication, you need to provide it under a different URL, e.g.
<Location /svn_pass>
AuthType Basic
AuthName "svn"
AuthUserFile /etc/apache2/svnusers
require valid-user
</Location>
Alternatively, you can use host-based authorization, which you can then also put into the current URL, and specify "Satisfy Any".