[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Make mod_authz_svn to apply the authz checks against upper/lowercased usernames

From: Kyle George <kgeorge_at_tcpsoft.com>
Date: Mon, 17 Mar 2008 23:25:52 -0400 (EDT)

On Fri, 7 Mar 2008, Kamesh Jayachandran wrote:

> People using mod_auth_sspi(windows domain authentication apache module)
> face the 'Authorization Failed' error while accessing SVN with mixed
> case usernames which does not match in *exact case* with their authz
> rules.
>
> http://blog.michaelcheng.idv.hk/ explains it in detail.
>
> mod_auth_sspi has a directive by name 'SSPIUsernameCase' with possible
> values being 'Lower/Upper'.
>
> I am not sure whether it really uses it to compare the
> lowered/uppercased username.
>
> I feel we should have similar directive in mod_authz_svn, to author the
> *sane* authz rules in these mixed case username scenarios.

I just saw this. I didn't read your patch, but take a look at this module
I wrote that might do what you want without modifying mod_authz_svn. It
also works with more than just subversion (for cases where users often
munge their usernames). See the "AuthRewriteCase lower" directive:

http://svn.haxx.se/dev/archive-2007-04/0741.shtml

-- 
Kyle George
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-03-18 04:26:06 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.