[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: authz problem: mixing anon access + protected directory.

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Mon, 21 Jul 2008 10:34:47 -0400

Omry Yadan wrote:
> BTW:
>
> I don't fully agree with the statement :
>
> "mod_dav_svn is just an apache module, and thus is forced to work with
> apache's authentication design"
>
>
> the only justification for mod_dav_svn is to service an svn repository
> through apache.
>
> if that requires deviating from the design a little - so be it.
> (provided that it's possible without getting into the apache code - of
> course).

Omry, you don't seem to understand the situation here. mod_dav_svn sees
only what Apache lets it see. It isn't the other way around, with
mod_dav_svn being the primary module servicing the request, and just using
Apache to do common helpful tasks. It's Apache that services the requests,
Apache that decides the request is DAV-related, Apache that defers to its
own mod_dav module for how to handle *parts* of the request servicing
process, Apache that deals with the general authentication and authorization
bits, Apache's mod_dav module that decides which portions of the request
fulfillment involve our mod_dav_svn pluggable filesystem provider logic.

Were we to draw a logical diagram of the various phases and steps involved
in servicing a single Subversion WebDAV requests, you'd find out how little
is actually done by mod_dav_svn. Our module is *only* a filesystem
implementation stuck on the back end of Apache's stock behavior and WebDAV
reference implementation. I would correct your assertion by saying, "The
only justification for mod_dav_svn is to read and write data from a
Subversion repository through Apache." All the stuff involved in fully
"servicing" said repository is not within mod_dav_svn's reach.

-- 
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on 2008-07-21 16:35:03 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.