Anonymous SVN Checkout, but Authenticate Commit

In order to allow public reading/checkout, you need to uncomment the bit between the <LimitExcept> directive and comment the separate Require valid-user line above it.

The directive <LimitExcept GET PROPFIND OPTIONS REPORT> tells the server that everything inside that does not apply to any GET, PROPFIND, OPTIONS or REPORT request to the repository, which are used for checking out/reading the repo. In other words, if you would put this bit of code in your Apache configuration, it would only require a valid user for anything else than the mentioned methods (e.g. it would require a valid user if a PUT request is made to commit):

<LimitExcept GET PROPFIND OPTIONS REPORT>    Require valid-user</LimitExcept>

In your case, it should probably look something like this (I just slightly modified your posted config, assuming that is correct besides the forced login issue (I have no LDAP server to test it with). Note to replace example.com in your AuthLDAPURL to the real server host):

<Location /repos>   DAV svn   # Directory containing all repository for this path   SVNParentPath /srv/svn/repositories   # List repositories colleciton   SVNListParentPath On   # Enable WebDAV automatic versioning   SVNAutoversioning On   # Repository Display Name   SVNReposName "RepositoryName"   # Do basic password authentication in the clear   AuthType Basic   # The name of the protected area or "realm"   AuthName "RepositoryName"   # Make LDAP the authentication mechanism   AuthBasicProvider ldap   # Make LDAP authentication is final   AuthzLDAPAuthoritative off   # Active Directory requires an authenticating DN to access records   #AuthLDAPBindDN "ou=people,o=example,dc=com"   # The LDAP query URL   AuthLDAPURL "ldap://example.com:389/DC=com,DC=example,ou=people?uid(objectClass=*)" NONE   # Authorization file   AuthzSVNAccessFile /subversion/apache2/auth/repos.acl   # Limit write permission to list of valid users.   <LimitExcept GET PROPFIND OPTIONS REPORT>       SSLRequireSSL       Require valid-user   </LimitExcept></Location>

As long as you put the Require valid-user inside the LimitExcept, everything should work just as you want it to. You can put the rest of the authentication configuration anywhere between the Location directive.

Ok. I got the first part done.

With reference from 6. Access control lists section here, I added the read-only access in the AuthzSVNAccessFile file.

# Authorization fileAuthzSVNAccessFile /srv/svn/repos.acl

Contents of /srv/svn/repos.acl file

[/]* = r

Now, all my repositories will be anonymously accessible. Now the commit part is remaining.

Now I get the following message when I commit.

Commit failed (details follow):Server sent unexpected return value (500 Internal Server Error) in response to MKACTIVITY request for '/repos/project1/!svn/act/783d45f7-ae05-134d-acb0-f36c007af59d'

Every Subversion server that I've seen:

• Allows anonymous checkout with no commit.
• Requires authenticated checkout and allows commit.

I believe that the Subversion commit process has to be.

• Receive authentication credentials.
• Checkout code with authentication.
• Reapply changes.
• Commit changes.