How to ask for login?

Question

I have SvnServe installed on my debian server, and it works well with Visual Studio, with password protected folders.

I have installed websvn, and oh my god ! My subversion directories are all accessible from http://myserver/websvn without password.

How can i use authentication ??

Edit : more informations... Debian version of websvn folder :

apache.conf

# Configuration for websvn using php4.

Alias /websvn /usr/share/websvn

<Directory /usr/share/websvn>
  DirectoryIndex index.php
  Options FollowSymLinks
  Order allow,deny
  Allow from all
  <IfModule mod_php4.c>
    php_flag magic_quotes_gpc Off
    php_flag track_vars On
  </IfModule>
</Directory>

svn_deb_conf.inc

<?php
// please edit /etc/websvn/config.php
// or use dpkg-reconfigure websvn
$config->parentPath("/var/subversion/");
$config->setEnscriptPath("/usr/bin");
$config->setSedPath("/bin");
$config->useEnscript();
?>

Answer 1

The default is always to provide a universal access.

1. There is a section on security in the config file include/config.inc in the WebSVN directory. Set security and controls there.

2. The other approach is to restrict permissions in httpd.conf and svn.authz.

   See the following answer on serverfault that already details the solution.

   • https://serverfault.com/questions/13853/how-do-i-restrict-repository-access-via-websvn

Answer 2

Subversion repositories can by served by SVNServe or Apache. For a fine grained permission schema, you might follow these instructions as mentioned by pyfunc.