With CVS’s pserver, you are required to log into the server (using the cvs login command) before performing any read or write operation—you sometimes even have to log in for anonymous operations. With a Subversion repository using Apache httpd or svnserve as the server, you don’t provide any authentication credentials at the outset—if an operation requires authentication, the server will challenge you for your credentials (whether those are username and password, a client certificate, or even both). So, if your repository is world-readable, you will not be required to authenticate at all for read operations.

As with CVS, Subversion still caches your credentials on disk (in your ~/.subversion/auth/ directory) unless you tell it not to by using the --no-auth-cache option.

The exception to this behavior, however, is in the case of accessing an svnserve server over an SSH tunnel, using the svn+ssh:// URL scheme. In that case, the ssh program unconditionally demands authentication just to start the tunnel.