[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH]: Add --password-file and --password-envvar

From: Branko Čibej <brane_at_wandisco.com>
Date: Tue, 08 Jul 2014 14:14:33 +0200

On 07.07.2014 10:51, Julian Foad wrote:
> Branko Čibej wrote:
>> On 07.07.2014 10:27, Julian Foad wrote:
>>> Aha! But Subversion already has a way to read authn creds from a file:
>>>
>>> --config-dir=x
>>>
>>> All we're lacking is a convenient way to put the required creds into
>>> the file. A user interface could be:
>>>
>>> svn auth authenticate $REPO_URL
>>>
>>> or, if you insist on being able to cache a user name and password when you
>>> don't currently have access to the server:
>>>
>>> svn auth authenticate $REPO_URL --force --username=y --password=z
>>>
>>> Thoughts?
>> Won't work given how we currently store credentials. The credentials key
>> is not the URL, it's the realmstring, which you (in general) will not
>> know without actually contacting the server.
> OK, right. To be clear, you mean the *second* thing I wrote (the --force variant) won't work. The first will.

I just realized that even the variant without --force and with access to
the may not always work. Consider what "authenticate" means in ra_serf:
it would rely on issuing a request to the server that does not modify
the repository, but does trigger the part of the HTTPd configuration
that causes the server to respond with an authentication request. There
is no way to tell how the server is configured and therefore which HTTP
methods to which URLs will require authentication.

-- Brane

-- 
Branko Čibej | Director of Subversion
WANdisco | Realising the impossibilities of Big Data
e. brane_at_wandisco.com
Received on 2014-07-08 14:21:48 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.