I think you're looking for this: http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html
Also, I didn't quite understand your post, but unless it's about the development of Subversion (i.e., implementing a new feature or asking about internal implementation details), please follow up on the users@ list and not on the dev@ list. Thanks. Avalon wrote on Tue, Dec 28, 2010 at 14:35:08 +0100: > Hi, > > SVN features a mixed authentication/anonymous access (see > http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html#svn.serverconfig.httpd.authz.perdir.ex-3). > > I want to achieve the same functionality using a PHP script: allow > anonymous access until accessing some special content and than request > authentification which should be checked according to a htaccess-file. > As far as i understand the SVN example the authentification is performed by > the Apache modules. > > I configured the ".htaccess" file to look similar: > Order allow,deny > Allow from all > AuthType Basic > AuthName "Realm" > AuthUserFile "/path/to/.htusers" > require valid-user > Satisfy any > > Additionally a PHP script is inside the same folder. > When you now browse to the URL of the PHP script, you can access it without > any credentials requested. > > At some point the PHP script "decides" that authentification is required > (e.g. when passing a param like "?need-auth=1"). > I suppose this is similar to how the mixed authentication/anonymous access in > SVN works (?). > > Therefore it sends the following two headers: > WWW-Authenticate: Basic realm="Realm" > HTTP/1.x 401 Unauthorized > > Then the user is asked to insert username/password for the basic auth. > But now comes the problem: > The apache will ALWAYS let the user pass as anonymous access is always > granted. > I suppose the webserver does not even try to authenticate the user > credentials. > Therefore it is not possible to decide in PHP if the user is anonymous or has > been successfully authenticated. > > How is this performed in SVN for the mixed authentication/anonymous access? > > What i do not want is: > - check the credentials in PHP (due to the many different auth-methods which > could be configured with Apache) > - have a dummy anonymous user like "guest" with password "guest" > - split anonymous and authenticated parts in separate folders (to use > separate .htaccess-files) > > I hope to get some enlightenment from the way SVN realizes this feature. > > Any feedback is highly appreciated. > > Thank you > Dirk
