SSLRequireSSL within LimitExcept

SSLRequireSSL within LimitExcept

am 19.02.2010 15:00:40 von Tobias Hensel

Hi,

I've set up a SVN with access via apache with and without SSL. I like to
confire that anoymous users have ro-access to the svn via http and https
and authenticated users have rw-access only via https.
I've seen a few examples on the internet where this has been made by
adding SSLRequireSSL within LimitExcept.
I added the following to my svn-config


DAV svn
SVNPath /svn/svnpath
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile authfile

Require valid-user
SSLRequireSSL



When I access the svn via https it works, but when I access it via http
it does not work an I get the following error in my log:

/var/log/apache2/error.log:
[Fri Feb 19 13:53:09 2010] [error] [client 127.0.0.1] access to
/var/www/svn failed, reason: SSL connection required

/var/log/apache2/access.log:
127.0.0.1 - - [19/Feb/2010:13:53:09 +0100] "GET /svn/ HTTP/1.0" 403 183
"-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.8)
Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"

Should this work or is it just not possible to use SSLRequireSSL within
LimitExcept?

Greetings

Tobias
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org