[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r1572105 - in /subversion/trunk/subversion: svn/auth-cmd.c svn/cl.h svn/svn.c tests/cmdline/getopt_tests_data/svn--help_stdout tests/cmdline/getopt_tests_data/svn_help_stdout

From: Branko Čibej <brane_at_wandisco.com>
Date: Fri, 28 Feb 2014 10:43:25 +0100

On 27.02.2014 15:11, Stefan Sperling wrote:
> On Thu, Feb 27, 2014 at 05:48:42PM +0400, Ivan Zhakov wrote:
>> On 27 February 2014 17:37, Stefan Sperling <stsp_at_elego.de> wrote:
>>> On Thu, Feb 27, 2014 at 02:06:38PM +0100, Stefan Sperling wrote:
>>>> Also note that the help text mentions 'credentials' for this reason:
>>>> auth: Manage cached authentication credentials.
>>> Another thing makes me wary about renaming the command right now
>>> is that we might still extend the command's functionality, for 1.9
>>> or even later.
>>> For instance, we could add an 'authentication' mode to this command,
>>> which simply completes the authentication process for a given URL and
>>> caches the credentials. Then the current name would be very suitable.
>> That's exactly what I would like to avoid: pre-authentication will be very
>> confusing for users IMHO. Some of them may decide that this is
>> required/recommended workflow for Subversion.
> Why is there a problem if people decide to do that? I don't see
> a problem if people decide to pre-cache credentials, or even if
> they believe that doing so was required. There are far worse
> user interface problems we're already living with.
> I'm more worried about people skimming the list of commands printed
> by 'svn help' and not finding functionality they're looking for even
> though it exists.
> I'm not against changing the name of the command. But I think it
> is more important right now to discuss and implement the desired
> scope of functionality. Then we can more easily settle on a good name.
> It could be useful to pre-cache credentials for repositories which only
> require auth for write operations. For example, consider situations where
> the svn client is run from scripts or cronjobs. Right now, we require
> users to make a change to the repository history in this situation to
> get a password cached, don't we?
> Another thing that has been requested already when 'svnauth' was introduced
> is to have a way of adding credentials to the cache without contacting
> the server. This could be used to save a trusted SSL cert before contacting
> the server, for example. And the corresponding API could be used by a GUI
> client to edit/update cached credentials.

+1 to all of that. I'm right now having to live with the fact that
there's no useful API in Subversion for doing just that; and the result
is that SmartSVN, whilst replacing SVNKit with JavaHL, is still not
using Subversion's credentials store. I was kind of counting on these
features of "svn auth" (and the associated new APIs) for 1.9.

On the topic of renaming "svn auth" ... do you want it mauve or vermillion?

-- Brane

Branko Čibej | Director of Subversion
WANdisco // Non-Stop Data
e. brane_at_wandisco.com
Received on 2014-02-28 10:44:08 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.