Milestone 2: authentication and authorization
From: Ben Collins-Sussman <sussman_at_newton.collab.net>
Date: 2000-12-13 23:50:06 CET
I want to start a thread about how the "server" will do authentication
I have a vague sketch in my head of how these things work. However,
1. Authentication: "prove who you are".
My understanding is that Apache has the ability to authenticate in
* How does this simple built-in authentication system work? Can I
* How does one make Apache authenticate against external
* Once Apache authenticates you, how does it "hold on" to the
* What encryption options are there? (i.e. SSL from Neon)
2. Authorization: "are you allowed to do something?"
My understanding is that Access Control Lists (ACLs) are the magic
The Subversion filesystem has built-in ACLs; they live as
When a DAV process attempts to read or write a node, it presents a
* Is that description above correct? Jimb, is this how you
* What mechanisms exist in Apache (or Subversion) such that an
* I seem to recall Jimb thinking about some kind of server-side
This is an archived mail posted to the Subversion Dev mailing list.