Greg Hudson <ghudson_at_MIT.EDU> writes:
> Long answer: from the server's viewpoint, svnserve sees that it has been
> executed in "tunnel mode" (-t) which means the EXTERNAL auth mechanism
> is available to the client. This mechanism allows the client to
> authenticate by fiat, providing no additional credentials. "I already
> proved to you who I am, let's move on." In theory, the client could
> ignore EXTERNAL and choose to authenticate to a different user by
> username/password. Our client never chooses to do this, but the server
> code allows it. In that case, svnserve would need access to the
> password file. Since that's not an authentication scenario most people
> are interested in (or one our client supports), such access is not
> generally important.
Thank you for the clear explanation.
So, Kristian Kauper... would you like to write the patch? It's okay to
say no, of course, but we'd be remiss not to ask :-). See
http://subversion.tigris.org/hacking.html#patches
if you're not familiar with the patch submission guidelines already.
Best,
-karl
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-29 18:21:43 CEST