[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: Apache 2 and Windows domain authentication - authorization failure (almost certainly a bug?)

From: Walter Nicholls <walter.nicholls_at_cornerstone.co.nz>
Date: 2003-07-27 02:58:48 CEST

> ======= Summary ======
> Since Web browser + SSPI authentication to whoami.pl works, and shows
> user name in the access log, but
> Web browser + SSPI authentaction to subversion Does not work, and
> ^^^^^^^^^^^
> I assume you mean Subversion client.

Absolutely. More specifically:

  browser + SSPI auth to Apache + whoami.pl works
  browser + SSPI auth to Apache + mod_dav_svn works (GET requests only,
  subversion client + SSPI auth to Apache + mod_dav_svn does not work.

>> I conclude it is Subversion's fault. Should this be posted to DEV
then? <g>
> Probably. Or maybe the neon list.

Hmm ... certainly sounds like Neon. It does not *appear* to be a problem
at the subversion server (mod_dav_svn). Apache has already dealt with
all the SSPI issues, so if the client used it, it would surely
authenticate fine. From what I can tell, all the basic connection stuff
is Neon.

Oddly enough I wasn't the only person to ask on this list yesterday. As
he rightly points out, the server install document on the TortoiseSVN
web site even explains how to set up SSPI. That it doesn't actually work
is a big shame, and this document should point this out. Is the author
lurking on this list?

Although my current source control system (SourceUnSafe as we call it)
doesn't actually use NTLM authentication either, I would prefer that my
replacement (hopefully subversion) will.

My daughter (age 2) is about to destroy the server room, so I won't
explore the neon issue just today...

- Walter

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Jul 27 02:55:25 2003

This is an archived mail posted to the Subversion Users mailing list.