Subversion anonymous access troubles

I’m in the process of setting up a Subversion repository at the office, so we can manage our code more easily. Everything was set up nicely and I was able to commit and checkout code. I defined several users in the password file to prevent possible other users on the same network from accessing our repository in any way. It didn’t work though, or so I thought.

As an anonymous user I was able to list the directories in the repository and checkout code, something which I explicitly restricted. After some hours and a lot of yelling I was able to trace down my problem.

Subversion caches your username and password after a successful login attempt. So every time I thought I accessed my repository anonymously, Subversion actually sent a cached username and password to the server.

If you’re working on a Linux box or, in my case, a Mac the credentials are probably stored in your user directory:

~/.subversion/auth/

Deleting all the files in the auth directory will revert you to an anonymous user again, until you successfully login that is — Subversion will recreate the relevant cache directories. You can also set store-passwords = no in the configuration file, also located in .subversion.

Of course, if I’d bothered to read the manual* I would have known… Ashamed now.

*= In my defense, I did glance at the documentation…

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">