[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Is there an authenticated no-op in subversion?

From: Rob van Oostrum <rvanoo_at_gmail.com>
Date: Mon, 7 Jun 2010 16:27:51 -0400

On Mon, Jun 7, 2010 at 12:03 PM, Daniel Danger Bentley
<dtbentley_at_gmail.com>wrote:

> I'm working on a system to interact with subversion automatically. Some of
> the repositories in question work over https, and this requires
> authentication for certain actions.
>
> I would love to separate authentication from action. Is there a way to
> perform an authenticated no-op (which would fail if not authenticated)? If
> this did exist, then I could first try this, and perform the hairier actions
> only once I'm sure I'm authenticated.
>
> The best we've been able to come up with at work so far is to do a propset
> on a revision property.
>
> Thanks,
> -Dan Bentley
>

You are confusing authentication with authorization. Authentication = "user
is who they say they are". Authorization = "user has permission to do X"
(user may or may not be authenticated), which can (and often does) depend on
both authz configuration and repository hooks.

Authentication can be covered simply by disallowing any non-authenticated
write access. Predicting authorization is more complicated unless you can
safely "if test X works, real operation Y should also work".

If all you really need is in fact an authenticated no-op, you should be able
to run any read operation, which - if you are disallowing anonymous access
entirely - will only work when already authenticated.

Cheers
Rob
Received on 2010-06-07 22:28:51 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.