On 1/11/06, Molle Bestefich <molle.bestefich@gmail.com> wrote:
>
> Stefan Küng wrote:
> > You have to differ between authentication and authorization.
> >
> > The username/password or SSPI (single-sign-on) is for authentication
> > only. But then, if the authenticated user (e.g. the user "guest")
> > doesn't have the authorization to access a specific directory in the
> > repository, the whole operation fails.
> > It's the same as if you would enter a username/password for a user who
> > only has read access to a repository while you're trying to commit.
> >
> > And since the authorization is done in neon, but the authentication
> > later is done on the server (apache), you can't just prompt for
> > username/password - because the operation already failed.
> >
> > btw: this has nothing to do with SSPI, it also happens with basic auth.
> > * Set up a user with read-only access
> > * try a commit
> > * enter username/password of the readonly user
> > * operation fails
>
> Ah. Super.
> Thanks for the explanation.
Thanks for reverting it back. I have the same problem with the 401. This
will get us back on track.
- Ryan
RJP Computing
Received on Thu Jan 12 16:12:06 2006