[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: NTLM lookup within hook script

From: <kmradke_at_rockwellcollins.com>
Date: Wed, 22 Oct 2008 10:26:55 -0500

"Gleason, Todd" <tgleason_at_impac.com> wrote on 10/22/2008 06:33:44 AM:
> Someone can correct me if I?m wrong, but I understood it to be the case
> using Apache to do path-based security would cause extreme performance
> problems with Subversion. Basically I thought that lookups would be
done on
> every svn path for operations like svn log, update, and checkout, which
is a
> dealbreaker since within a given repo we want uniform read access, and
> performance. I thought this was one of the big reasons behind
svnperms. Did
> I misunderstand?

svnperms allows "action" based controls, such as add, but not delete, etc.
Path based only allows for R/O or R/W access.

If you are on windows, you may also want to check out visualsvn server:

It has a graphical management console to add/remove permissions on a
per directory basis and will talk directly to your Active Directory
(Similar authentication to mod_auth_sspi)

I haven't seen extreme performance problems using mod_auth_sspi.
You will want to make sure to use "SSPIPerRequestAuth Off" in
your config file though.

Kevin R.

> From: Miha Vitorovic [mailto:mvitorovic_at_nil.si]
> Sent: Tuesday, October 21, 2008 11:26 PM
> To: Gleason, Todd
> Cc: SubVersion Users
> Subject: Re: NTLM lookup within hook script
> "Gleason, Todd" <tgleason_at_impac.com> wrote on 22.10.2008 04:36:28:
> > I?m trying to write a pre-commit hook script along the lines of
> > svnperms. The script needs to do an NTLM lookup on the user
> >
> > The svn server is version 1.5.2 with Apache, running on a Windows
> > server. I?m hoping to implement the script in Python though I don?t
> > mind if I have to call into something else for the NTLM lookup.
> Todd,
> since you're on Apache, aren't you basically trying to reinvent the
wheel (
> http://sourceforge.net/projects/mod-auth-sspi)?
> Br,
> ---
> Miha Vitorovic
> Inženir v tehničnem področju
> Customer Support Engineer
> NIL Data Communications, Tivolska cesta 48, 1000 Ljubljana, Slovenia
> Phone +386 1 4746 500 Fax +386 1 4746 501 http://www.NIL.si
Received on 2008-10-22 17:27:31 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.