Use Apache authentication to Segregate access to Subversion subdirectories

Posted by Stefan Lasiewski on Server Fault
Published on 2010-05-03T22:31:32Z Indexed on 2010/05/03 22:39 UTC

I've inherited a Subversion repository, running on FreeBSD and using Apache 2.2.

Currently, we have one project, which looks like this. We use both local files and LDAP for authentication.

<Location />
    DAV svn
    SVNParentPath /var/svn

    AuthName "Staff only"
    AuthType Basic
    # Authentication through Local file (mod_authn_file), then LDAP (mod_authnz_ldap)
    AuthBasicProvider file ldap

    # Allow some automated programs to check content into the repo
    # mod_authn_file
    AuthUserFile /usr/local/etc/apache22/htpasswd
    Require user robotA robotB

    # Allow any staff to access the repo
    # mod_authnz_ldap
    Require ldap-group cn=staff,ou=PosixGroup,ou=foo,ou=Host,o=ldapsvc,dc=example,dc=com
</Location>

We would like to allow customers access to certain subdirectories, without giving them global access to the entire repository. We would prefer to do this without migrating these subdirectories to their own repositories. Staff also need access to these subdirectories.

Here's what I tried:

<Location /www.customerA.com>
    DAV svn
    SVNParentPath /var/svn

    # mod_authn_file
    AuthType Basic
    AuthBasicProvider file
    AuthUserFile /usr/local/etc/apache22/htpasswd-customerA
    Require user customerA
</Location>

<Location /www.customerB.com>
    DAV svn
    SVNParentPath /var/svn

    # mod_authn_file
    AuthType Basic
    AuthBasicProvider file
    AuthUserFile /usr/local/etc/apache22/htpasswd-customerB
    Require user customerB
</Location>

I've tried the above. Access to '/' works for staff. However, access to /www.customerA.com and /www.customerB.com does not work. It looks like Apache is trying to authenticate the 'customerB' against LDAP, and doesn't try the local password file. The error is:

[Mon May 03 15:27:45 2010] [warn] [client 192.168.8.13] [1595] auth_ldap authenticate: user stefantest authentication failed; URI /www.customerB.com [User not found][No such object]
[Mon May 03 15:27:45 2010] [error] [client 192.168.8.13] user stefantest not found: /www.customerB.com

What am I missing?
