--username and --password ignored with NTLM authentication?

From: Craig Holmquist <craig.holmquist_at_neurotronics.com>
Date: Tue, 4 Aug 2009 15:06:24 -0400

I've noticed that in Subversion 1.6.3 (and probably all earlier versions),
if the server sends an NTLM challenge, and client responds with the
logged-in user's credentials even if the --username and --password command
line options are given. That is, the name in the revision log is the
logged-in user instead of the user passed on the command line.

Is this intentional? In my opinion it's counterintuitive. The Subversion
book states that --username and --password take precedence over any cached
credentials; wouldn't a user reasonably assume these options would take
precedence over the default NTLM credentials (that is, the credentials for
the user currently logged into Windows) as well?

As far as I can tell, there's no workaround for this other than editing the
"servers" config to remove "negotiate" from http-auth-types. Otherwise,
there's no way to specify a different user from the command line if the
server is set up for NTLM.

All the above results were obtained using the https protocol. I got similar
results with both neon and serf. The server is Apache 2.2.11 using
mod_auth_sspi/1.0.4.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2380126

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-04 21:09:07 CEST

This message: [ Message body ]
Next message: NoahJ32: "Re: Subversion+Apache mod_dav_svn/mod_authz_svn Issues"
Previous message: Richard Lichvar: "RE: HELP!! Unable To Log In"
Next in thread: Ryan Schmidt: "Re: --username and --password ignored with NTLM authentication?"
Reply: Ryan Schmidt: "Re: --username and --password ignored with NTLM authentication?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]