I'm trying to protect a subversion repository, requiring a username/password to browse the repo, and requiring the user to be a member of the admin group to file any changes.

Guest user (read-only permissions) is 'user1', admin user (read-write permissions) is 'user2'. Both are defined in dav_svn.passwd file, but only user2 is defined in dav_svn.group, ie

# dav_svn.group
admin:user2

[httpd.conf]

<VirtualHost *:443>
  <Location /svn>
    DAV svn
    SVNPath /path/to/svn
    AuthType Basic
    AuthName "Subversion Repository"
    AuthUserFile /etc/apache2/dav_svn.passwd
    AuthGroupFile /etc/apache2/dav_svn.group
    Require valid-user

    <LimitExcept GET PROPFIND OPTIONS REPORT>
       Require group admin
    </LimitExcept>
  </Location>
</VirtualHost>

Although attempts to acces the repo is greeted with the login box for both users, both users can commit changes to the repo, and the Apache access.log shows PUT, MERGE, CHECKOUT, DELETE, PROPPATCH, MKACTIVITY, etc entries for user1, who should not be able to do any of those things.

I tried putting 'Require valid-user' in a <Limit GET PROPFIND OPTIONS REPORT> block, but it didn't help.

It looks like the LimitExcept block is not taking effect, but I can't see where I might have mis-configured it. Any help appreciated.