[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

authorization system status

From: <kfogel_at_collab.net>
Date: 2001-08-07 20:53:50 CEST

Just a note to those who have been following authorization issues:

Subversion M3 has a choice of *two* independent authorization methods
(both assume an already-authenticated username, of course):

   1. Apache .conf authorization. This is done by ra_dav &
      mod_dav_svn, and works basically the same way any Apache
      authorization works. We can protect the whole repository, or
      even paths within the repository (although there's no need to do
      so yet) by setting up <Location>...</Location> directives. The
      committers group is defined in a .conf file or some other place
      containing the authentication information for that group.
      Checkouts can be protected too. Thanks to Greg Stein for
      explaining this.

      ADVANTAGES: efficient, because no new process is fired up to do
      the authorization.

      DISADVANTAGES: coarse-grained -- unlike a hook script (see
      below), you can't run arbitrary code to determine whether
      so-and-so is authorized to do such-and-such. You have to fit
      within Apache's idea of what things are appropriate to
      authorize. Luckily, most of what we do does fit into this idea.

   2. Subversion also has hook scripts. The relevant ones here are
      the start-commit, pre-commit, and post-commit. (The
      start-commit hook fires up the moment someone initiates a commit
      activity, and the hook can reject the commit right then, before
      any real work is done. The pre-commit hook is invoked when the
      commit is ready; it's suitable for checking that any
      automatically-verifiable guidelines about committing are met.
      The post-commit hook is for things like commit emails.)
       
      ADVANTAGES: very fine-grained. The start-commit and pre-commit
      hook can examine anything at all, and run any code they need, to
      authorize the action.

      DISADVANTAGES: inefficient. The hook script has to be started
      up as a separate process.

For M3, we're planning to use method 1 (Apache conf) for
authorization, though we'll use the post-commit hook system for
sending commit emails, of course.

-K

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:36:35 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.