I'm trying to implement path based access for SVN on Mac OS 10.6.8 server. Everything works fine if I use htpasswd to keep track of accounts. But I want to integrate with Open Directory so team members can easily change their password. However, mod_auth_apple doesn't seem to expose itself as an authn provided so authz_svn doesn't pickup that it could use it for authentication (I get a error in the apache logs saying "No Authn provider configured.").
I know Open Directory is available through ldap but mod_authn_ldap doesn't come with the stock Apache version installed on Mac OS X server. I'm assuming there's some way to get this to work if authz_svn is included in the stock distribution (but I may be giving Apple too much credit). Has anyone got this worrking without having to use a custom build of Apache?
Found out how to do this after a couple days of monkeying around. I added the authn_file module and then also added AuthBasicAuthoritative off. This seems to still force authentication with mod_auth_apple but not fail when the AuthUserFile isn't specififed. It also passes the authentication information on to authz_svn so it can check acess control properly. I'm hoping someone who's more familiar with apache can properly explain why this works.
So my location directive now looks like
<Location "/">
Options All -Includes -ExecCGI -Indexes +MultiViews
<IfModule mod_dav.c>
DAV svn
SVNPath /Users/path/to/repo
</IfModule>
AllowOverride None
AuthName "Svn Repo"
AuthType Basic
AuthzSVNAccessFile /Users/path/to/access/file.txt
AuthBasicAuthoritative Off
Require valid-user
</Location>
Annoyingly, I do have to add AuthBasicAuthoritative Off to any other sites my server hosts.