[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Feature request : make optional the UTF-8 encoding of user name and password during authentication

From: Cedric Quilliot <cedric.quilliot_at_valeo.com>
Date: Fri, 8 Oct 2010 08:00:24 -0700 (PDT)

Hello,

After a discussion in CollabNet forum (http://subversion.open.collab.net/ds/viewMessage.do?dsForumId=3&dsMessageId=386510), I discovered that TortoiseSVN always UTF-8 encode the username and passwords during a basic authentication challenge (in module SVN, file SVNPrompt, function SVNPrompt::simpleprompt).

In my opinion this is a mistake (at least in some cases), and should be configurable.

My SVN server configuration is :
- using the last version of a CollabNET server, running on Windows 2003
- repositories are accessed using "basic authentication" and password are valided against an LDAP server.

To sum it up, the original issue is : users having non-ASCII characters in their password can't authenticate with TortoiseSVN, but can authenticate successfully when direct login to Apache with a web browser.

After looking deeper at the network frames, username and password are sent in the same code page as the user interface (Latin1 in my case), and password validation works fine.

But since TortoiseSVN always encodes in UTF-8 the password, a password containing an english pound (£) is always rejected.

It is probable that the UTF-8 encoding is good in some configurations, but in my case it doesn't work, this prevents users from having non-ASCII characters in their password.

What do you think of this evolution ?

Cedric

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=757&dsMessageId=2669329

To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-10-08 17:01:28 CEST

This is an archived mail posted to the TortoiseSVN Dev mailing list.