[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Credential caching in mod_dav_svn

From: Darshak Thakore <d.thakore_at_cablelabs.com>
Date: 2007-04-16 17:42:19 CEST

Hi all,
This question is related to the mod_dav_svn module. I am running
subversion behind apache httpd using mod_dav_svn. I also need
per-directory access control so I have the mod_authz_svn configured. Now
we already have a custom user database that runs on another server and
we want to leverage that user database. So I configured apache's basic
auth module (mod_auth_basic) to call a wrapper script that I wrote which
connects to our user database and authenticates a user. If I understand
correctly, the workflow should be :
1. user tries to access a repository or a directory within using http://
2. apache passes this off to mod_dav_svn
3. mod_dav_svn will invoke mod_basic module which in turn will challenge
the user for credentials
3. user supplies the credentials
4. mod_basic passes off the credentials to the configured authenticator
module (in my case this would be the wrapper script). Assuming the user
supplied the correct password mod_basic will send a positive auth
message to mod_dav_svn
5. upon authentication, mod_dav_svn will invoke the mod_authz_svn module
to check if the requested operation is allowed.

Now as a user if I am checking out lets say
http://myserver/svn/repo1/trunk/ I believe the mod_dav_svn module will
perform authentication once and then would recursively invoke
authorization on each and every path. Instead what I have observed is
that mod_dav_svn invokes authentication also on each and every path. I
am trying to understand why it is invoking authentication for each and
every path when a user had already been authentication once for that
particular request.

Also is there any way to change this behavior ??

Any input will be appreciated.
-- darshak
 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Apr 16 17:42:39 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.