[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Bug: svn log info restricted even when authorized

From: Daniel Berlin <dberlin_at_dberlin.org>
Date: 2005-08-06 14:53:25 CEST

On Sat, 2005-08-06 at 07:54 -0500, Ben Collins-Sussman wrote:
> The issue here is that the log-fetching is a single HTTP request on
> the parent directory (REPORT). mod_auth_svn says, "ah, anybody can
> read this directory, so I'm not going to ask for authentication at
> all." Then when the log-traversal hits a change that affects the
> restricted area, there's no opportunity to authenticate. The lack of
> authentication is 'permanent' for the whole request, and thus the
> anonymous reader is denied access to the one area.
> I can't think of a solution here; there's no way apache can halt in
> the middle of streaming a long response and demand authentication.'d

You'd need to add some state so that you could do continuations (IE add
a tag saying "continued in next report", end the report, request
authentication, then continue the report)


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Aug 6 15:54:33 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.