Upuntil now, svn access was restricted to ssh tunnels or anonymous, read only access via apache. So my task was to figure out how to pursuade apache to do a number of things.

1) All traffic should be https, so anyone logging in doesn't hand out their password unknowingly.
2) If they try via http, it redirects them to https, wether they like it or not
3) Update the config to enable authentication for subversion, but retain anonymous access also
4) For authenticated users, check authorisation on a per repository basis.

I found out that the per repository bases meant per path, so we can lock down who can tag, or update components of a project, which is nice.

Had to sort out some permissions things as the original repositories were all owned by the subversion user, and now apache needs access too.

It seems to work