In SCPlugin (Mac OS X plugin to Subversion-enable the Finder, http://
scplugin.tigris.org), several people (see our issue 66) have been
having authentication problems with release 0.7. 0.7 is built with
SVN 1.4.4. The problems described here appear to me to necessarily
lie in the Subversion code, not SCPlugin, yet I can't find any
reference to anything like this in the Subversion lists.
Devs who've ever looked into the authentication support stuff: do you
have thoughts what might be causing the basic-auth credentials to be
truncated? Places we might look we evidently haven't thought of?
Begin forwarded message:
>
> http://scplugin.tigris.org/issues/show_bug.cgi?id=66
>
>
>
>
>
>
> ------- Additional comments from gravity@tigris.org Wed Aug 22
> 09:32:58 -0700 2007 -------
> I did a little more digging on my end.
>
> I read through the dumps again and found that the authentication
> attempts on
> checkout from SCPlugin are sending incomplete credentials. I see
> an initial
> request for the repo with no credentials then a 401 response. A
> second request
> is made with the credentials included. The password is not part of
> the request,
> only the username and ':' exist (in the case of my repository).
>
> I think the initial request may be unneeded if credentials are
> provided on checkout.
>
> I tried another repository as well. I tried to checkout the source
> for SCPlugin
> from the repo here. I used the username 'guest' and no password.
> My results
> were even more interesting... All that was included in the request
> was the ':'.
>
> This still leaves open the issue with the Update functionality as
> well. I never
> get prompted if I have an existing repository. If the password
> does not exist
> somewhere, is there a way to prompt for it?
>
> ****
>
> Here is an excerpt of my tcpdumps
>
> This is a working checkout from SyncroSVN
>
> PROPFIND /svn/apps_dmreg HTTP/1.1
> Host: des-online.dmreg.com
> User-Agent: SVNKit 1.1.2 (http://svnkit.com/)
> Keep-Alive:
> Connection: TE, Keep-Alive
> TE: trailers
> Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
> Content-Length: 300
> Accept-Encoding: gzip
> Content-Type: text/xml; charset="utf-8"
> Depth: 0
>
> ****
>
> Here is the nonworking checkout from SCPlugin
>
> PROPFIND /svn/apps_dmreg HTTP/1.1
> Host: des-online.dmreg.com
> User-Agent: SVN/1.4.4 (r25188) neon/0.25.5
> Keep-Alive:
> Connection: TE, Keep-Alive
> TE: trailers
> Content-Length: 300
> Content-Type: text/xml
> Depth: 0
> Accept-Encoding: gzip
> Accept-Encoding: gzip
> Authorization: Basic dGVzdHVzZXI6
>
> ***
>
> As you can see, the requests are nearly identical aside from the
> incorrect
> 'Authorization: Basic', which if you decode (it's ok, they are test
> passwords)
> you will see that the password is not included. I also see there
> is an extra
> 'Accept-Encoding: gzip' in there as well, but I am fairly certain
> that has
> nothing to do with anything ;)
>
> I am grabbing a copy of the plugin source now to see if I can offer
> anything
> with another set of eyes.
>
-==-
Jack Repenning
jackrepenning@tigris.org
Project Owner
SCPlugin
http://scplugin.tigris.org
"Subversion for the rest of OS X"
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@scplugin.tigris.org
For additional commands, e-mail: dev-help@scplugin.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Aug 25 12:44:00 2007