Authentication Questions

Debugging other issues, I turned on verbose logging and was curious if the below traffic was typical. This may well be correct, as we have path-based authentication requiring valid NTLM users. Server is Windows 2008 R2, Apache 2.4, NTLM, and SVN 1.8.

[Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
[Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet)
[Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] mod_authnz_sspi_authentication.c(439): [client USER_IP:55559] SSPI00001: Entering authenticate_sspi_user()
[Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] mod_authnz_sspi_authentication.c(544): [client USER_IP:55559] SSPI00009: Authenticated user: USER_NAME
[Tue Jan 06 15:18:28.378306 2015] [authz_svn:debug] [pid 15392:tid 16884] mod_authz_svn.c(400): [client USER_IP:55559] Path to authz file is D:/svn/config/svnaccess.conf
[Tue Jan 06 15:18:28.378306 2015] [authz_svn:info] [pid 15392:tid 16884] [client USER_IP:55559] Access granted: 'USER_NAME' GET REPO:/PATH_TO_FILE

There are hundreds to thousands of the above entry pattern for each user as they browse the repository (over 6 hours log is ~420MB with ~2.4M entries).

I guess there's no caching of credentials since the path-based authentication file can change at any time?

Regards,

JT Miller
L-3 Mustang Technology
Received on 2015-01-06 22:40:15 CET