Debugging other issues, I turned on verbose logging and was curious if the below traffic was typical. This may well be correct, as we have path-based authentication requiring valid NTLM users. Server is Windows 2008 R2, Apache 2.4, NTLM, and SVN 1.8.
[Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of Require valid-user : denied (no authenticated user yet) [Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet) [Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] mod_authnz_sspi_authentication.c(439): [client USER_IP:55559] SSPI00001: Entering authenticate_sspi_user() [Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] mod_authnz_sspi_authentication.c(544): [client USER_IP:55559] SSPI00009: Authenticated user: USER_NAME [Tue Jan 06 15:18:28.378306 2015] [authz_svn:debug] [pid 15392:tid 16884] mod_authz_svn.c(400): [client USER_IP:55559] Path to authz file is D:/svn/config/svnaccess.conf [Tue Jan 06 15:18:28.378306 2015] [authz_svn:info] [pid 15392:tid 16884] [client USER_IP:55559] Access granted: 'USER_NAME' GET REPO:/PATH_TO_FILE There are hundreds to thousands of the above entry pattern for each user as they browse the repository (over 6 hours log is ~420MB with ~2.4M entries). I guess there's no caching of credentials since the path-based authentication file can change at any time? Regards, JT Miller L-3 Mustang Technology