[SvnBook] #31: Explain HTTP single-chance authn shortcoming

SvnBook noreply at red-bean.com
Fri Aug 10 19:15:52 CDT 2007


#31: Explain HTTP single-chance authn shortcoming
-------------------------+--------------------------------------------------
 Reporter:  cmpilato     |       Owner:  nobody       
     Type:  enhancement  |      Status:  new          
 Priority:  normal       |   Milestone:  1.4          
Component:  content      |     Version:  nightly/trunk
 Keywords:               |  
-------------------------+--------------------------------------------------
 explain shortcoming in http checkout authorization.  because checkout is
 done as one http request, there's only one chance to authenticate (or
 not).  if root-dir is anonymously readable, then '''whole tree''' will be
 checked out anonymously.  if root-dir requires authn, then '''whole
 tree''' will be checked out as that user.  until we get pipelining and do
 checkouts as multiple GETs, it's impossible to change authn halfway
 through a checkout.

-- 
Ticket URL: <http://svnbook.red-bean.com/trac/ticket/31>
SvnBook <http://svnbook.red-bean.com/>


More information about the svnbook-dev mailing list