subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob van Oostrum <rva...@gmail.com>
Subject Re: Is there an authenticated no-op in subversion?
Date Mon, 07 Jun 2010 20:27:51 GMT
On Mon, Jun 7, 2010 at 12:03 PM, Daniel Danger Bentley
<dtbentley@gmail.com>wrote:

> I'm working on a system to interact with subversion automatically. Some of
> the repositories in question work over https, and this requires
> authentication for certain actions.
>
> I would love to separate authentication from action. Is there a way to
> perform an authenticated no-op (which would fail if not authenticated)? If
> this did exist, then I could first try this, and perform the hairier actions
> only once I'm sure I'm authenticated.
>
> The best we've been able to come up with at work so far is to do a propset
> on a revision property.
>
> Thanks,
> -Dan Bentley
>

You are confusing authentication with authorization. Authentication = "user
is who they say they are". Authorization = "user has permission to do X"
(user may or may not be authenticated), which can (and often does) depend on
both authz configuration and repository hooks.

Authentication can be covered simply by disallowing any non-authenticated
write access. Predicting authorization is more complicated unless you can
safely "if test X works, real operation Y should also work".

If all you really need is in fact an authenticated no-op, you should be able
to run any read operation, which - if you are disallowing anonymous access
entirely - will only work when already authenticated.

Cheers
Rob

Mime
View raw message