Apache Mod SVN Access Forbidden

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Cerin on Server Fault See other posts from Server Fault or by Cerin
Published on 2012-06-21T22:22:10Z Indexed on 2013/11/11 21:57 UTC
Read the original article Hit count: 244

Filed under:
|
|

How do you resolve the error svn: access to '/repos/!svn/vcc/default' forbidden?

I recently upgraded a Fedora 13 server to 16, and now I'm trying to debug an access error with a Subversion server running on using Apache with mod_dav_svn.

Running:

svn ls http://myserver/repos/myproject/trunk

Lists the correct files. But when I go to commit, I get the error:

svn: access to '/repos/!svn/vcc/default' forbidden

My Apache virtualhost for svn is:

<VirtualHost *:80>
    ServerName svn.mydomain.com
    ServerAlias svn
    DocumentRoot "/var/www/html"

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    <Directory "/var/www/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    <Location /repos>
      Order allow,deny
      Allow from all
      DAV svn
      SVNPath /var/svn/repos

      SVNAutoversioning On

      # Authenticate with Kerberos
      AuthType Kerberos
      AuthName "Subversion Repository"
      KrbAuthRealms mydomain.com
      Krb5KeyTab /etc/httpd/conf/krb5.HTTP.keytab

      # Get people from LDAP
      AuthLDAPUrl ldap://ldap.mydomain.com/ou=people,dc=mydomain,dc=corp?uid

      # For any operations other than these, require an authenticated user.
      <LimitExcept GET PROPFIND OPTIONS REPORT>
         Require valid-user
      </LimitExcept>

    </Location>
</VirtualHost>

What's causing this error?

EDIT: In my /var/log/httpd/error_log I'm seeing a lot of these:

[Fri Jun 22 13:22:51 2012] [error] [client 10.157.10.144] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"] [line "31"] [msg "Inbound Anomaly Score (Total Inbound Score: 15, SQLi=, XSS=): Method is not allowed by policy"] [hostname "svn.mydomain.com"] [uri "/repos/!svn/act/0510a2b7-9bbe-4f8c-b928-406f6ac38ff2"] [unique_id "T@Sp638DCAEBBCyGfioAAABK"]

I'm not entirely sure how to read this, but I'm interpreting "Method is not allowed by policy" as meaning that there's some security Apache module that might be blocking access. How do I change this?

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about apache2

Related posts about svn

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle