[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: auth cache (was: svn commit: rev 5006 ...)

From: Greg Stein <gstein_at_lyra.org>
Date: 2003-02-25 01:51:59 CET

On Mon, Feb 24, 2003 at 02:09:15PM +0000, Philip Martin wrote:
> I'm looking at the interface in svn_auth.h and I don't understand why
> svn_auth_first_credentials and svn_auth_next_credentials don't take an
> some sort of context/realm parameter, something that will identify the
> URL for which credentials are required. Does the current system ask
> for credentials without any reference to the URL? Is this information
> supposed to be transferred through the run-time hash?

The latter. And earlier, I mentioned something to Ben, and his response:

> > Currently, the auth interface has this "out of band" global-variable-like
> > thing where you set runtime parameters. That API makes a lot of sense for
> > configuration type stuff (e.g. the cmdline switches), but less sense for
> > true runtime params. For those, you would ideally have a hash that is passed
> > specifically to first_creds. Then it becomes obvious that your credential
> > fetching has additional inputs beyond "give me some of <these>"
> Sorry, I'm totally lost, not understanding what you're talking about
> anymore.

Your query and my followup to Ben is to consider the following two calls:

    creds, iter = auth.first_cred(KIND, pool)
    creds, iter = auth.first_cred(KIND, params, pool)

Which one is more obvious that the credential fetching is parameterized?

Today, we only have the former since the params are passed "out of band" via
the runtime hash. My comment above (to Ben) was simply my explanation on why
we ended up trying to cache stuff without consideratin of the params:
because it wasn't *obvious* that params are part of the equation. If we had
passed them as part of the first_cred() call, then it would have stuck out a
bit more, and the initial caching implementation might have tried to
consider them as part of the key.

> multiple external modules from other repositories? I get further
> prompts for passwords and I appear to have no way to determine the URL
> for which I have to provide credentials.

Right... we need a standard runtime param that the prompting provider can
examine. The URL is the best thing that we have, pending a notion of a
"repository human-readable name".


Greg Stein, http://www.lyra.org/
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Feb 25 01:47:27 2003

This is an archived mail posted to the Subversion Dev mailing list.