[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Incomplete checkout with authz

From: Christoph Ludwig <ludwig_at_fh-worms.de>
Date: 2007-08-13 19:08:44 CEST


On Sat, Aug 11, 2007 at 07:38:22PM +0200, Michael Mattes wrote:
> I have a question regarding path-based authorization. I'm using svn over
> https with the following dav_svn.authz file (reduced to relevant parts,
> also see the Apache2 config at the bottom):
> [menouthis:/]
> sirprize = rw
> * = r
> [menouthis:/unstable/secret]
> sirprize = rw
> * =
> When checking out anonymously, the "secret" folder does not get checked
> out, as expected. But when I tried checking out like that:
> svn co --username sirprize https://sodge.org/svn/menouthis/ menouthis
> it did not work as well.
> I also noticed that the log messages and timestamps of commits to the
> secret directory are not shown anymore in "svn log", even when svn knows
> my password.

the SVN book has the following text in

  "If you've configured your server block to allow a mixture of anonymous and
  authenticated access, all users start out accessing anonymously. The server
  looks for a * value defined for the path being accessed; if it
  can't find one, then it demands real authentication from the client."

The important bit here is "the path being accessed". I am not 100% sure, but,
IIUC, this refers only to the path you pass as argument to checkout. The
subversion modules do not check all subfolders if any of them requires
authentication. Since https://sodge.org/svn/menouthis/ can be read by
anonymous users, the server never asks for user credentials.

I agree that the book could discuss the consequences of this behaviour more
explicitly and provide examples.



FH Worms - University of Applied Sciences
Fachbereich Informatik / Telekommunikation
Erenburgerstr. 19, 67549 Worms, Germany
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Aug 13 19:08:47 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.