Simon Berry wrote:
> Stefan
>
> I saw your comment :
>
>> SSPIPerRequestAuth on
>>
>> this will make SSPI only require new authentication for every request,
>> not every datapacket sent.
>
> and thought that I would like to enable that on our server (we have a
> lot of offsite engineers connecting through 3G modems - so reducing
> traffic is good) so I turned on the SSPIPerRequestAuth.
>
> 3 minutes later I had a queue of users in my office with authentication
> problems. Tortoise was suddenly asking them for credentials rather than
> using the domain controller automatically. This is our configuration :
What was the error shown?
> <Location />
> DAV svn
> SVNPath d:/Data/SvnRepo
>
> SVNListParentPath on
> AuthName "ATL Subversion Repository"
> AuthType SSPI
>
> SSPIAuth On
> SSPIAuthoritative On
> SSPIDomain andromeda-dc01
> SSPIOmitDomain On
> SSPIPerRequestAuth on
> SSPIOfferBasic On
>
> Require valid-user
> AuthzSVNAccessFile "d:/Data/SvnRepo/conf/svnaccess.txt"
> </Location>
>
> Any ideas as to why this might be ? I have turned off SSPIPerRequestAuth
> for now until I can figure out the problem. I am using Apache 2.0.
This should work, but I suggest adding:
SSPIUsernameCase lower
to make sure that the authentication is done with lowercase usernames -
otherwise SSPI would use both and then you might run into troubles if
you don't have the usernames in all casing in the svnaccess.txt file.
> p.s. is there any documentation on these configuration options ?
I think collab.net has some documentation on that. The mod_auth_sspi
website unfortunately has not much documentation..
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
Received on 2008-07-30 12:19:13 CEST