On Monday, October 7, 2002, at 08:25 AM, Karl Fogel wrote:
> You might write your script to use --username and --password, and we
> might make Subversion fail out if they are invalid, but what if the
> server's entire authentication method changes after the working copy
> is checked out? For regular users, one reasonable behavior is to
> prompt for new information -- it's very convenient. But then we're
> back to wanting a --non-interactive flag for scripts...
I'd stick to this simple rule of thumb:
If the authentication information has been provided explicitly on the
command line, but does not resulting in successful authentication, fail
with an appropriate error. Otherwise, prompt the user.
This would mean prompting when implicitly supplied authentication
information (such as cached tokens) is unsuccessful, or when it's
simply not available. The common use case for this would be a regular
user, which fits.
Script writers need only be explicit about how to authenticate in order
to get the behaviour they want. Subversion should supply a long option
for each type of authentication information it can use. So, for
example, if we supported ssh key exchange, we'd need an --rsa-identity
option. No big deal.
The failure modes here aren't too bad. Script writers who run into
problems because of the prompt have a clear and easy way to deal with
it - they just add an option to their command line. Users who go to the
trouble of explicitly supplying authentication information on the
command line aren't going to be put out when they receive and error
message instead of a prompt. We can assume their doing things the hard
way for a reason and can deal with the results.
Colin Putney
Whistler.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Oct 7 20:20:20 2002