As from Tortoise 1.2.x, some our users who do not have read access to
the root of the repository are asked for their username and password 3
times for every session they start in TortoiseSVN, regardless of whether
they tell it to store their passwords. This behaviour was not present
in the 1.1 branch (including 1.1.7) and is still present in yesterday's
nightly build. The users that it effects have been denied access to the
root of the repository, but granted access to the level which they are
trying to access. Users are running a combination of XP Pro and 2000.
Our svn repository is only accessed via http (Apache 2). I use a
combination of auth_ldap and authz to authenticate users against our
Windows domain controller and to restrict access to certain levels of
the repository. This authentication system works correctly to the best
of my knowledge. I have attached a copy of the dav_svn.authz file so
you can see how permissions are set up. I (mspicer) am a member of a
group called pvma which has rw access to /pvma. However, I do not have
read or write access to /. With Tortoise 1.1.7, I can launch the
repository browser and point it to http://svn/repos/pvma
(http://svn/repos is simply the address to the root of our repository).
If TortoiseSVN hasn't already cached my credentials, I am prompted for
them once and can then browse stuff under /pvma without further prompts.
With 1.2.0, 1.2.1 and yesterday's nightly, the following _always_ happens:
- I launch repo browser and point it to http://svn/repos/pvma
- I am prompted three times to enter my username and password and each
time enter them correctly and tick the remember my password box
- After the third attempt, the repository browser displays two levels:
http://svn/repos and, below, it pvma. I can browse below pvma as
expected, with no further prompts for authentication.
- If I close the RepoBrowser and relaunch it, the process repeats.
Users are always asked for their password 3 times before it suceeds!
Passwords are never stored between sessions.
Users with read access to the root of the repository are not affected by
this issue. Our only solution for now has been to ask the affected
users to stick with version 1.1.7 of TortoiseSVN. I'm assuming that
there is no requirement for all users to have read access to the root of
the repository so am guessing that this is a bug in TortoiseSVN.
I am not subscribed to the dev mailing list so please cc all replies to
max-bugzilla@csl.gov.uk.
Thanks,
Max Spicer
[groups]
istdev = kmiah,mstubbs,pharris
istadmin = dstott,matkinso
wema = awsmith,rstones
pvma = owardman,apote,jharitou,emaidmen,dhunt,jzhang,mspicer
[/]
@istdev = r
@istadmin = rw
coldfus = r
[/dev]
@istdev = rw
coldfus = rw
[/intranet/applicat]
@istdev = rw
coldfus = rw
[/shared]
coldfus = rw
[/shared/library/branches]
@istdev = rw
[/wema]
@wema = rw
[/pvma]
@pvma = rw
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org
Received on Thu Jul 28 17:19:36 2005