Tony,
Thanks for the info. We are running svn on a Windows server, so I think
that precludes using ssh.
I'm not sure what auth method I will be using. I was planning on using
the visualSVN server and I don't know exactly which authentication
module it uses. I really don't want a 50% hit as another poster here
mentioned that they are seeing.
BOb
-----Original Message-----
From: Tony Butt [mailto:tjb_at_cea.com.au]
Sent: Wednesday, December 10, 2008 8:43 PM
To: users_at_subversion.tigris.org
Subject: Re: svn vs http performance
On Wed, 2008-12-10 at 16:02 -0500, Bob Archer wrote:
> Hello all,
>
>
>
> I was wondering if there is much of a difference between svn: and
> http: performance. I have read that svn is faster but is it "a lot"
> faster or just a bit?
>
That depends on how your authentication is done.
We used an Active Directory server for authentication, and ran
subversion with mod_auth_krb on a Suse Linux Enterprise Server and
apache 2.0, and found that svn+ssh:// was much faster than http://
That was because there was no caching of authentication credentials
between GET's for files, so every file fetched in a checkout (for
instance) would cause the kerberos credentials to be checked again.
We eventually switched to mod_auth_pam, and used kerberos in PAM to
authenticate, which performed better, and gave us single sign on. (svn
+ssh uses PAM too). The svn+ssh:// was still at least 2x faster than
http://
We currently use mod_authnz_ldap with an apache 2.2 server, and http://
is now pretty good, as there is authentication caching happening on
apache. I still think svn+ssh is a little faster, but only by a small
margin.
Tony Butt
Senior Software Engineer
CEA Technologies
Canberra
Australia
>
>
> I basically want to move from a password file to using NT Auth/Active
> Directory so I don't have to manage username/passwords and which cause
> me to just give people simple passwords that never change. It seems
> the easiest/best way to do this is to go to Apache rather than
> svnserve. I haven't found a way to use AD with svnserve for Tortoise
> client... if there is an easy way to do this without building client
> exe's please enlighten me.
>
>
>
> BTW: This is all inside the firewall stuff. With remote offices on the
> WAN being some type of tunneled IP/VPN stuff over the internet.
>
>
>
> Thanks,
>
> BOb
>
>
>
>
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageI
d=982636
To unsubscribe from this discussion, e-mail:
[users-unsubscribe_at_subversion.tigris.org].
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=982870
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2008-12-11 16:15:28 CET