[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: WARNING: Upcoming authn/authz policy change for svn.collab.net

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Tue, 11 Aug 2009 17:37:28 -0400

Around 10pm or 11pm tonight (U.S. Eastern time), I'm going to take
svn.collab.net offline for a bit to make these authn/authz simplifications
I've been talking about. Here's the updated plan:

   * There will be a single password file for all repositories on this box.
     When merging password files, any password clashes for a given username
     will be resolved such that the password used for the most secure
     repository will win.

   * Non-SSL access to repositories and ViewVC will be anonymous only. No
     more authentication for non-SSL access, period.

   * SSL access will have the same authentication requirements as currently
     exist, with one notable exception: today we have both '/repos/svn-org'
     and '/repos/svn-org-no-anon' locations, required because of
     http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html . In
     the future, we'll still have two "locations" for this repository: one
     is "accessed via SSL, authn required" and the other is "accessed
     without SSL, authn-free, without permission to see the private portions
     of the repository." Both of these will use the URI path /repos/svn-org
     as expected.

C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on 2009-08-11 23:37:45 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.