Debugging other issues, I turned on verbose logging and was curious if the 
below traffic was typical. This may well be correct, as we have path-based 
authentication requiring valid NTLM users. Server is Windows 2008 R2, Apache 
2.4, NTLM, and SVN 1.8. 

[Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] 
mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of 
Require valid-user : denied (no authenticated user yet)
[Tue Jan 06 15:18:28.378306 2015] [authz_core:debug] [pid 15392:tid 16884] 
mod_authz_core.c(799): [client USER_IP:55559] AH01626: authorization result of 
<RequireAny>: denied (no authenticated user yet)
[Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] 
mod_authnz_sspi_authentication.c(439): [client USER_IP:55559] SSPI00001: 
Entering authenticate_sspi_user()
[Tue Jan 06 15:18:28.378306 2015] [authnz_sspi:debug] [pid 15392:tid 16884] 
mod_authnz_sspi_authentication.c(544): [client USER_IP:55559] SSPI00009: 
Authenticated user: USER_NAME
[Tue Jan 06 15:18:28.378306 2015] [authz_svn:debug] [pid 15392:tid 16884] 
mod_authz_svn.c(400): [client USER_IP:55559] Path to authz file is 
D:/svn/config/svnaccess.conf
[Tue Jan 06 15:18:28.378306 2015] [authz_svn:info] [pid 15392:tid 16884] 
[client USER_IP:55559] Access granted: 'USER_NAME' GET REPO:/PATH_TO_FILE

There are hundreds to thousands of the above entry pattern for each user as 
they browse the repository (over 6 hours log is ~420MB with ~2.4M entries). 

I guess there's no caching of credentials since the path-based authentication 
file can change at any time?

Regards,

JT Miller
L-3 Mustang Technology

Reply via email to