(please keep me in Cc: since I'm not on the list (yet)) Hi,
We recently switched from using a htgroup file with apache2 to using the <repo>/conf/authz file with AuthzSVNReposRelativeAccessFile, for performance reasons. The authz files are really simple, like this: [/] f...@example.com = rw b...@example.com = rw The performance benefit is ludicrous, but we ran into an issue: Since we have nginx in front of the apache2+svn box, there's only a small amount of connections that is opened between nginx and apache2. Those connections carry requests from different end users, and live relatively long. Inside mode_authz_svn the per-repo authz files are cached using a per-connection cache. Since we dynamically create and remove repositories, and dynamically add and remove users, users that are added to a repository are not able to use the repository immediately. Also, our automated create repo flow which first creates the repo, checks if it can be accessed correctly and then adds the user to the authorization list triggers this problem in nearly 100% of the cases. Currently, I'm running a modified mod_authz_svn that simply disables caching (not causing any noticable performance difference): http://paste.debian.net/plainh/0b2f4e20 I understand that it's possible to create really complex authorization structures inside a file for a single repository, so the caching of the result of parsing the file might be useful in some cases. My suggestion about improving this situation would be to simply save the modification time of the authz file with the cached information, and check the mtime again on every request, invalidating the cache whenever we notice that the file has changed. I can give it a shot to prepare a patch to do this, if wanted. Thanks, Have fun, -- Hans van Kranenburg
