Options: Episode-3

--no-auth-cache

The usual scenario of using Subversion and svn is that, Subversion repository will be in a server and a client connected to it access this repository by using svn. When a number of people are accessing the server, then the server is configured to require authentication on every request for security reasons. If the user is accessing the repository very frequently, then entering the password everytime would be a big annoyance for the user. Fortunately, Subversion client has a system to cache the authentication credentials whenever the command-line client successfully responds to the server's authentication challenge in user's run time configuration area on disk. It will be “~/.subversion/auth” in unix and “%APPDATA%/Subversion/auth” in Windows.

This is how a Subversion client behaves for the authentication challenge by the server:
1.The client checks whether the user has specified the credentials in the command line using the option “ --username and --password”. If so then it tries to authenticate the server's challenge with this credentials.
2.If the user does not provide the credentials via command line or if the provided credential is invalid, then the client looks for the servers hostname, port, realm in the runtime configuration “auth/” area to see weather proper credentials are cached here. If so then it attempts to use these credentials to answer the server's authentication challenge.
3.If proper credential does not exists in the run-time configuration area or if the the credential is invalid, then the client asks the user interactively to answer the server's authentication challenge.
4.If the user authenticates it properly then the client saves the credential in the run-time configuration area and connects to the server. If the user does not want the client to save the credentials then he can achieve this in 2 way, which will be described later.
5.If the user fails to authenticate or if user has used the option “--non-interactive” option, then the client exits.

If the user does not want the client to store the authentication credentials on the disk then he can achieve this by using “--no-auth-cache” option. This option does not lets the svn client to store the credentials in the disk overriding the config file option “store-auth-creds”.

Here's how Subversion stores the credentials in different operation system.
1.Windows: The Subversion client uses the standard windows cryptography algorithm to store the passwords on the disk. As the encryption key is managed by the operating system and is tied to the user's own login credentials, only the user logged in can decrypt the cached password.
P.S: If the user's account password is changed then all the stored password becomes undecipherable. Then svn behaves as though they don't exist, prompting for the password.
2.Mac OS: The Subversion client stores all the repository passwords in the login keyring, which is maintained by keychain service and is protected by users password.
3.UNIX: The “auth/” cache area is permission-protected, so that only the user can view his stored passwords.

If the user wants to permanently disable the option of caching the password on the disk, then he can set the “store-auth-creds”option in the config file to no. This can be extended to all the users using the system by modifying in the system-wide runtime configuration area.

If the user wants to remove only the specific credentials form the disk, then he can navigate to “auth/” and manually delete the appropriate cache file, as the credentials are cached in separated files. In the file the credentials are stored as keys and values.