Can"t set permissions properly on Apache-served SVN repository

I want to provide read-only access to a set of users, and read-write
access to a smaller set of users, for a particular directory. Apache
is serving an SVN repository in this case. I can't get Apache to do
what I want it to do, and I haven't found any examples online that
match what I'd like. Here's what I have now:


Require user "mydomain\readonlyuser"
Require group "mydomain\mygroup"

Require group "mydomain\mygroup"



So here, I want to provide read-write access to mydomain\mygroup, and
read-only access to mydomain\readonlyuser. However, when I try this,
readonlyuser has full write access, with none of the limitations
implied by the LimitExcept clause. If I remove him from the location
clause, he has no access at all. Fiddling with the options to
LimitExcept has no apparent effect. mygroup is operating properly.

Changing the LimitExcept to a ... also
has no effect. Adding readonlyuser to the LimitExcept clause (for the
heck of it) has no effect.

It appears to me as if the Limit and LimitExcept clauses are not being
parsed at all.

I'm running Apache 2.0.55, SVN 1.2.3, and mod_auth_sspi 1.0.1 on
Windows Server 2003. Any ideas?