Get authz_svn working Apache Mac os x server

Question

I'm trying to implement path based access for SVN on Mac OS 10.6.8 server. Everything works fine if I use htpasswd to keep track of accounts. But I want to integrate with Open Directory so team members can easily change their password. However, mod_auth_apple doesn't seem to expose itself as an authn provided so authz_svn doesn't pickup that it could use it for authentication (I get a error in the apache logs saying "No Authn provider configured.").

I know Open Directory is available through ldap but mod_authn_ldap doesn't come with the stock Apache version installed on Mac OS X server. I'm assuming there's some way to get this to work if authz_svn is included in the stock distribution (but I may be giving Apple too much credit). Has anyone got this worrking without having to use a custom build of Apache?

Answer 1

Found out how to do this after a couple days of monkeying around. I added the authn_file module and then also added AuthBasicAuthoritative off. This seems to still force authentication with mod_auth_apple but not fail when the AuthUserFile isn't specififed. It also passes the authentication information on to authz_svn so it can check acess control properly. I'm hoping someone who's more familiar with apache can properly explain why this works.

So my location directive now looks like

<Location "/">
    Options All -Includes -ExecCGI -Indexes +MultiViews
    <IfModule mod_dav.c>
        DAV svn
        SVNPath /Users/path/to/repo
    </IfModule>
    AllowOverride None
    AuthName "Svn Repo"
    AuthType Basic
    AuthzSVNAccessFile /Users/path/to/access/file.txt
    AuthBasicAuthoritative Off
    Require valid-user
</Location>

Annoyingly, I do have to add AuthBasicAuthoritative Off to any other sites my server hosts.