On Tue, Feb 07, 2012 at 03:32:02AM -0800, Frank Jaworski wrote: > Hello, > > So, for example, I did an "export" using TortoiseSVN: > > Which led to this on our RADIUS server log: > > Tue Feb 7 06:28:24 2012 : Auth: Login OK: [fdj2] (from client osscvs2.cit > port 0) [snip] > Tue Feb 7 06:28:25 2012 : Auth: Login OK: [fdj2] (from client osscvs2.cit > port 0) > > > This is with: > > KeepAlive On > MaxKeepAliveRequests 0 > KeepAliveTimeout 60 > > I still don't expect that many authentications.
I don't know how apache httpd is configured to talk to the radius server. It seems like it doesn't keep any state for authenticated users, but rather contacts the radius server on each request, i.e. whenever it has to decide whether a user is allowed to access a <Location> that maps to a Subversion repository. So, yes, it does look like radius authentication kicks in per request, rather than per TCP connection. But I don't know how it could be fixed.
