> From: Ben Collins-Sussman [mailto:sussman@collab.net]
> Sent: Wednesday, August 04, 2004 7:21 PM
> On Tue, 2004-08-03 at 23:36, David Kewley wrote:
>
> > This behavior is *not* as desired. Perhaps this is not a
> subversion
> > bug
> > -- I may well have made some configuration mistake
> somewhere. But the
> > fact that during 'svn co' I'm not asked for
> username/password, *and*
> > not warned, does seem like a bug. It also seems suspicious
> that 'svn
> > co' fails where a web browser succeeds.
> >
> > Can anyone reproduce this or comment on it?
>
> This is a failing in the authentication model, which Sander
> Striker (the author of mod_authz_svn) have discussed in the
> past. Because the 'root'
> checkout requires no authn, the server sends no challenge,
> and the checkout procedes as anonymous for the entire
> checkout. I can't remember if there's a workaround or bug
> filed on this, or if there's even a plan or way to get the
> behavior you desire.
>
> Sander, can you comment?
There is only a single request, the REPORT request, so there
is only one chance for authentication. So, when you the authenticated
user for the top level directory you are checking out doesn't
have access to a lower directory, it is silently ignored (just
like in CVS BTW).
The problem is ofcourse more visible if you allow anonymous
access to that same top level directory, since then there will
be no authenticated user at all at the lower levels.
If you still wish to check out that directory, you have to
cd into it's parent and run a checkout of the dir there.
This should get you an authentication prompt.
Sander
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 5 11:07:46 2004