Hi,
regarding svnserve, what I wanted to say is not that it "required" anon to
work, but that
if I want to use svn:// tunnelled instead of svn+ssh:// for speed concerns,
I will have to
use anon=write, or otherwise set a separate access list for authentication.
In other words, if I tunnel svn:// over ssh, svnserve will not use
the current user that has the tunnel setup as the author (which is normal as
the transactions
are still made using svn:// locally on the server, logically svn:// with
anon=write doesn't fetch the
username).
Thank you for your advices on apache, I thought that using https:// protocol
bound on LDAP would
have been "smarter" and would not have authed on each action, but it seems
not...
You are right, though, it is not the responsibility of tortoiseSVN to have
this fixed.
I think I'll talk about this on subversion's mailing lists instead.
Thank you,
--Peter.
On 5/31/06, Jody Shumaker <jody.shumaker@gmail.com> wrote:
>
> On 5/31/06, Peter Scmsvn <scmsvn@gmail.com> wrote:
> > Hi,
> >
> > regarding that thread, It seems that tunnelling svn:// loses all the
> author
> > information.
> > (which is logical, since anonymous login has to be allowed.)
> >
> > So I'm still stuck with the problem that using svn+ssh:// does one
> handshake
> > for each
> > transaction made, including opening folders, which takes approximately 2
> > seconds, that can
> > be a little annoying...
> >
> > Another solution would be to use apache+ldap but woud it be possible to
> > chache the
> > connection information and keep alive the ssh session, as long as, lets
> say,
> > the repo-browser is opened ?
> >
> > Thanks,
> >
> > --Peter.
> >
> >
>
> Pretty sure you're asking this in the wrong place. This is something
> the subversion libraries would need to support. Also apache+ldap
> would suffers from the same problem. It re-opens and re-auths multiple
> times just like svn+ssh. However, your comment on svnserve is wrong.
> It does not require anonymous access.
>
> http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.auth
> mentions how to disable anon-access.
>
> I'd love it though if they could redesign things to not have to
> continually re-auth, as this was one of the things i had to overcome.
> Our initial server setup was apache+mod_pam+winbind, but winbind was
> using way too much CPU time to authenticate and was making operations
> like checkout, or log retrieval, take 6x longer than no
> authentication. Ended up using apache+ldap which used less CPU, but
> still because it has to authenticate every time, it takes about 30%
> longer because of the auth. Didn't use svnserve because tying it to a
> windows domain would have been much more complicated, and at it didn't
> support per directory permissions.
>
> - Jody
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org
> For additional commands, e-mail: users-help@tortoisesvn.tigris.org
>
>
Received on Wed May 31 17:44:26 2006