Re: Authz on Collection of Repositories

From: Thomas Åkesson <thomas_at_akesson.cc>
Date: Mon, 5 Nov 2012 00:21:48 +0100

Thanks Ivan for your work. I have very little experience with the svn codebase so my review is probably not very valuable. Anyway. looks good to me.

I have meant to set up a test server with our reference configuration to validate the patch under realistic circumstances. Unfortunately, the SLES activation servers have been down for several hours (we don't have dev tools on our VM Appliance by default). I will do some tests with parentpath under "/svn/" and both variations of Satisfy as soon as possible.

On 2 nov 2012, at 15:25, C. Michael Pilato wrote:

> I think HEAD[1] request would be the appropriate request here. (And I
> wonder, in retrospect, why we aren't using it for our regular in-repos
> path-based authz...)

I did some tests with curl --head just as a sanity check. It seems to be a good choice for access control. I primarily wanted to see that HEAD requests were not allowed in situations where GET is not (e.g. when user has access in directories below).

The HEAD requests I performed (minimal curl command) did not cause the server to provide Content-Length when returning "200 OK".

/Thomas Å.
Received on 2012-11-05 00:22:24 CET

This message: [ Message body ]
Next message: neels_at_apache.org: "[svnbench] Revision: 1405681 compiled Nov 5 2012, 00:21:40 on x86_64-unknown-linux-gnu"
Previous message: Blair Zajac: "Re: svn commit: r1405539 - /subversion/trunk/subversion/bindings/javahl/native/"
In reply to: C. Michael Pilato: "Re: Authz on Collection of Repositories"
Next in thread: Branko ÄŒibej: "Re: Authz on Collection of Repositories"
Reply: Branko ÄŒibej: "Re: Authz on Collection of Repositories"
Reply: Thomas Åkesson: "Re: Authz on Collection of Repositories"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]