Re: 1.5 clients can't authenticate to 1.4.6 Server

From: Joe Orton <jorton_at_redhat.com>
Date: Fri, 31 Oct 2008 09:15:29 +0000

On Wed, Oct 29, 2008 at 11:49:03AM -0600, dan wrote:
> Here is the relevant portion of our apache.conf file:
>
> <Location /subversion >
> Order allow,deny
> Allow from all
> DAV svn
> SVNParentPath /home/subversion
>
> AuthzSVNAccessFile /home/subversion/svn.auth
> AuthType Digest
> AuthName "Subversion"
> AuthDigestProvider file
> AuthUserFile /home/webauth/webauth.password
> AuthDigestDomain /webauth

The AuthDigestDomain configuration is incorrect, it specifies a
protection domain which excludes the location you are trying to protect.
Remove the directive, or use, e.g.

AuthDigestDomain /subversion

See the docs for more details:

http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#AuthDigestDomain

(versions of neon older than 0.28.0 did not validate the domain
parameter sent to the client, but new ones do)

Regards, Joe

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-10-31 10:16:02 CET

This message: [ Message body ]
Next message: paptimusx: "Re: How should I do to return it to the state before wc is changed?"
Previous message: paptimusx: "Re: How should I do to return it to the state before wc is changed?"
In reply to: dan: "1.5 clients can't authenticate to 1.4.6 Server"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]