Index: book/ch06-server-configuration.xml =================================================================== --- book/ch06-server-configuration.xml (revision 3095) +++ book/ch06-server-configuration.xml (working copy) @@ -968,7 +968,7 @@ Second, create a file - called subversion.conf in a place where + called svn.conf in a place where the SASL library can find it—typically in the directory where SASL plug-ins are located. You'll have to locate the plug-in directory on your particular system, such @@ -985,9 +985,10 @@ Mellon\Project Cyrus\SASL Library], and place two keys inside it: a key called SearchPath (whose value is a path containing the SASL - .dll plug-ins), and a key called + .dll plug-ins, e.g. + saslCRAMMD5.dll), and a key called ConfFile (whose value is a path - containing the subversion.conf + containing the svn.conf file). Because SASL provides so many different kinds of @@ -1000,7 +1001,7 @@ how to configure the server appropriately for each. For the purposes of this discussion, we'll just demonstrate a simple example of configuring the DIGEST-MD5 mechanism. For - example, if your subversion.conf + example, if your svn.conf contains the following: @@ -1021,6 +1022,22 @@ $ saslpasswd2 -c -u realm username + On a Windows server you also need to specify the directory + and filename of the private database file. You need an extra + line in the svn.conf file like this: + + +sasldb_path: c:\path\to\sasldbfile + + + The saslpasswd2 program also needs + to know this location, which you specify on the command + line like this: + + +$ saslpasswd2 -c -f c:\path\to\sasldbfile -u realm username + + A few words of warning: first, make sure that the "realm" argument to saslpasswd2 matches the same "realm" you've defined in your @@ -1039,6 +1056,10 @@ database. Consult the full SASL documentation for details. + Windows users may like to download the server package from + the CollabNet site as this will also install the SASL utility + programs and create the necessary registry keys for you. + Remember that if you configure your server to only allow certain SASL authentication mechanisms, this can have the effect of forcing all of connecting clients to have SASL