Re: User can by pass the authentication

Shirley Han wrote:
> Dear all,
>
> I recently setup the SVN server and installed TortoiseSVN on user's
> PC. I have also put the access control to the repository in place
> through Apache. The access control worked on two of three users' PC.
> One user can access to the repository and commit without have to
> provide the username and password.

Either that user has read/write access (messed up auth files on your
server) or the user is not accessing the repository via http/https but
file://

> Also, through TortoiseSVN Settings-> Saved Data, the Clear button for
> "Authentication data" is greyed out.

that means he wasn't asked for authentication and there was no auth data
to save yet.

Also, if you've configured your server to authenticate users via SSPI,
users on the same domain won't have to enter authentication data since
the authentication is then done by windows and the domain controller.
But even then, if you haven't set up that user to have write access, he
shouldn't be able to read/write to the repository.

Anyway: for server questions and how to set up authentication, you
should ask on the Subversion users list.

Stefan

-- 
       ___
  oo  // \\      "De Chelonian Mobile"
 (_,\/ \_/ \     TortoiseSVN
   \ \_/_\_/>    The coolest Interface to (Sub)Version Control
   /_/   \_\     http://tortoisesvn.net
------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=1135981
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].