[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authentication via WebDav

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: Tue, 19 Jan 2010 21:41:25 +0100

On 19.01.2010 15:18, David Karlin wrote:
> Hi,
> I'm trying to use Tortoise for the first time and having trouble with authentication. Sequence of events is this:
> I open the Tortoise repository browser. In response to the request to specify the repository, I say:
> https://svn.mydomain/svn/repository
> After ignoring the complaint about an unknown certificate provider, this seems fine, and I can see the directory structure in the repository (worrying, since I haven't given a password yet).
> I now try to create a directory. The system asks me for a username and password. I give the correct username and password. However, this is not accepted. The dialog simply repeats until I eventually give up and cancel out of it.
> This set up is fine - if I go my Mac (which I use for PHP development) and type:
> svn mkdir -m"stuff" https://svn.mydomain/svn/repository/somedirectory
> everything is fine.
> Relevant lines from my Apache configuration:
> <Location /svn>
> DAV svn
> SVNParentPath /var/svn
> AuthType Basic
> AuthName "mydomain subversion repository"
> AuthUserFile /etc/svn-auth-file
> Require valid-user
> # Require SSL connection for password protection.
> SSLRequireSSL
> </LimitExcept>
> </Location>
> So two questions:
> (1) How did TortoiseSVN read my repository, apparently without a password?

You're allowing read access for anonymous users (the "LimitExcept"
statement does that).

> (2) How can I get the create directory to work? Why is it kicking me out?

Problem is: you've allowed anonymous read access. So that's what
Subversion first tries - the anonymous user. That fails for write access.
Also, the authentication always succeeds, it's the authorization that
fails for the write access.
You should configure your server to either disallow anonymous read
access, or configure it so that anonymous read access goes over a
different url (e.g., http instead of https). Most SVN servers are set up
that way: anonymous read access over http, but for authenticated full
access it's over https.


   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest Interface to (Sub)Version Control
    /_/   \_\     http://tortoisesvn.net
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-01-19 21:41:39 CET

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.