Authenticating Subversion

We're going to switch from CVS to Subversion at work. I don't make a whole lot of use of CVS, so the finer points of change management are more academic to me than anything else. But authentication...ah, that's a different story. Right now, Unix clients access the CVS repository by NFS; Windows users use the pserver protocol/authentication. NFS access does cause some problems for CVS, but it's completely out of the question for Subversion if you use their Berkeley DB filesystem. It's okay for read-only access if you use their FSFS (actual real filesystem files filesystem; the equivalent of CVS' bunch of directories and files). This leads to questions about how we'll allow access over the network, and how we'll authenticate users. Here's my thinking so far.

  1. Daemon + DB2
    • Pro: Can restrict access through file permissions to prevent access by NFS.
    • Con: Plain text password file. YAFPF.
  2. svn+ssh + DB2
    • Pro: Secure access from home. SSH key-based authentication.
    • Con: The mirrored drive where the repository should be kept is available by NFS and Samba; this can't change. Since file permissions would need to be open to allow read/commit, there's nothing preventing access by NFS and resultant corruption. The other alternative is putting it on a non-mirrored drive, which isn't an option either.
  3. Apache + PAM
    • Pro: Can restrict file permissions to prevent NFS/Samba access. Uses already existing FPF, and since we're not using PAM now we can eliminate AFPF. Prod to switch Samba to PAM, which would be AFPF gone.
    • Con: Haven't worked with A2, DAV or mod_auth_foo before. Since will need to coexist for a while with A1, possibility of calcification.
  4. Apache + LDAP
    • Pro: Full buzzword compliance. One FPF to bind them all. Get ready for the groupware that will someday be coming down the pike. Can restrict file permissions to prevent NFS/Samba access.
    • Con: Haven't worked with LDAP, either. Will need to convert current password file rather than access directly, creating YAFPF (at least in the short term). Much bigger change, so even bigger danger of calcifictation. (Heh...I like that typo.)
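
The restriction that options 1, 3 and 4 count on, a repository tree accessible only to the server account so that NFS and Samba clients cannot touch it, can be checked with a short audit. This is an added example, not part of the original post; the repository path and the server account name passed to `audit_repo` are assumptions.

```shell
#!/bin/sh
# Added example: audit a Subversion repository tree for permissions that
# would let anyone but the server account reach it over NFS or Samba.
# The repository path and owner account are assumptions, not from the post.

# Print every non-symlink path under $1 with any group/other bit set.
# Uses only POSIX find primaries (no GNU "-perm /077").
loose_paths() {
    find "$1" ! -type l \( -perm -001 -o -perm -002 -o -perm -004 \
                        -o -perm -010 -o -perm -020 -o -perm -040 \) -print
}

# Print every path under $1 that is not owned by user (name or uid) $2.
foreign_paths() {
    find "$1" ! -user "$2" -print
}

# Return 0 when the tree is private to $2, 1 when it is not,
# 2 when $1 is not a directory.
audit_repo() {
    repo=$1
    owner=$2
    [ -d "$repo" ] || { echo "not a directory: $repo" >&2; return 2; }
    loose=$(loose_paths "$repo")
    foreign=$(foreign_paths "$repo" "$owner")
    if [ -n "$loose" ]; then
        echo "group/other access (fix with: chmod -R go-rwx $repo):"
        echo "$loose"
    fi
    if [ -n "$foreign" ]; then
        echo "not owned by $owner (fix with: chown -R $owner $repo):"
        echo "$foreign"
    fi
    [ -z "$loose" ] && [ -z "$foreign" ]
}

# Stand-alone use: sh audit.sh /path/to/repo svn
if [ "$#" -eq 2 ]; then
    audit_repo "$1" "$2"
fi
```

The same check covers the daemon's plain-text password file when it lives inside the repository's conf directory, since any group or other bit on it is reported.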

I think I can do Daemon + FSFS, but I need to reread the Subversion book (truly excellent, BTW). This might be the best way to get things going quickly. And of course, any insights or hints are welcome.