[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Milestone 2: authentication and authorization

From: Ben Collins-Sussman <sussman_at_newton.collab.net>
Date: 2000-12-13 23:50:06 CET

I want to start a thread about how the "server" will do authentication
and authorzation. We last talked about this over the summer, but
since Milestone 2 (networking) is coming up, I'd like to revisit some
ideas, and ultimately go into some detail.

I have a vague sketch in my head of how these things work. However,
I'm guessing that Jimb and Greg Stein (a.k.a. Mr. DAV) have much more
*detailed* implementations in their heads. Perhaps they can tell us
about it. I've placed specific questions into my outline below. :)

1. Authentication: "prove who you are".

    My understanding is that Apache has the ability to authenticate in
    many ways. In the simplest case, it has it's own local passwd and
    group file. (Right?)

    * How does this simple built-in authentication system work? Can I
      hear some details or see some examples?

    * How does one make Apache authenticate against external
      user databases?

    * Once Apache authenticates you, how does it "hold on" to the
      identity? How does it know that multiple HTTP requests all
      belong to the same authenticated user? (Sorry, these are basic
      httpd questions!)

    * What encryption options are there? (i.e. SSL from Neon)

2. Authorization: "are you allowed to do something?"

    My understanding is that Access Control Lists (ACLs) are the magic
    beasties that determine if certain pieces of data are accessible
    by certain users.

    The Subversion filesystem has built-in ACLs; they live as
    non-versioned properties attached to nodes. They can be modified
    like any other properties.

    When a DAV process attempts to read or write a node, it presents a
    previously-authenticated username (or group) to the filesystem.
    The filesystem then examines the node's ACL and decides whether to
    allow or deny the action.

    * Is that description above correct? Jimb, is this how you
      imagine the filesystem working?

    * What mechanisms exist in Apache (or Subversion) such that an
      /alternate/ set of ACL's (say, in a SQL database somewhere)
      might be used?

    * I seem to recall Jimb thinking about some kind of server-side
      "authorization plug-in" system. How might that work?

Awaiting brain-dumps.
Received on Sat Oct 21 14:36:17 2006

This is an archived mail posted to the Subversion Dev mailing list.