I am running SVN 1.6.3 over Apache 2.2 on Windows, using the most recent CollabNet Windows builds. I'm using mod_auth_sspi and mod_ssl to secure my connections and perform authorization. On small checkins and imports, none of my users have any problems doing their work. But when importing or checking in a large number of files, users get prompted for their credentials (which the server promptly rejects), followed by the error:
PUT of <path and filename>
authorization failed: Could not authenticate to server: rejected Basic
challenge (https://<my server name>)
We've tried using both the command line client and TortoiseSVN.
This error seems to be related to the number of files checked in, NOT the aggregate size of content committed. For example, if I try to check in 90 1-byte .txt files, the import will fail as described. It's not always 90 files — I think it has something to do with the aggregate size of the filenames. I have this nagging feeling that it SVN is trying to jam all of the filenames into a single HTTP request header or something, and Apache is rejecting it somehow.
Not that I can examine what's going on at the HTTP level using Wireshark, since everything is encrypted via HTTPS. Here's my config file, less any comments. Has anyone run into this before? Any suggestions?
ThreadsPerChild 250
MaxRequestsPerChild 0
ServerRoot "C:\Program Files\CollabNet Subversion Server/httpd"
Listen 443
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule sspi_auth_module modules/mod_auth_sspi.so
LoadModule authz_svn_module modules/mod_authz_svn.so
ServerAdmin localhost@localdomain
ServerName sourcecontrol.mydomain.com
DocumentRoot "C:\Program Files\CollabNet Subversion Server/httpd/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Satisfy all
</Directory>
<Directory "C:\Program Files\CollabNet Subversion Server/httpd/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
ErrorLog logs/error.log
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog logs/access.log common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "C:\Program Files\CollabNet Subversion Server/httpd/cgi-bin/"
</IfModule>
<Directory "C:\Program Files\CollabNet Subversion Server/httpd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
<Location /svn>
DAV svn
SVNParentPath D:\repository
AuthName "Subversion repository"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain NA
SSPIOfferBasic On
Require valid-user
SVNAutoVersioning on
ModMimeUsePathInfo on
AuthzSVNAccessFile "d:/repository/access-file.txt"
</Location>
<VirtualHost *:443 >
DocumentRoot d:\repository
SSLEngine On
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.crt/server.key
</VirtualHost>
Best Answer
It turns out that I needed to add this line to httpd.conf (I added it to the top so it would apply to all directories)
and, for good measure, I added
just in case they decide to get all smart on me in the next version of httpd and default it to Off.