[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: User authentication\authorization upper-lower case

From: Claudio Corona <ibazar83_at_gmail.com>
Date: Fri, 8 Oct 2010 17:33:33 +0200

On Fri, Oct 8, 2010 at 5:30 PM, Bob Archer <Bob.Archer_at_amsi.com> wrote:

> > >> Hi all. I have a problem with SVN. I have the (only) user
> > >> 'test_user' (in the 'passwd' file) having 'rw' on the entire
> > >> repository. Why am I able to get *authenticated* with the user
> > >> 'TESTUSER' (but not *authorized* to commit)? Note that only
> > >> authenticated user can access and read from my repository, so
> > >> 'TESTUSER' should not be authenticated, as it happens for all
> > the
> > >> users not appearing in the passwd file, for example the
> > 'BlaBlaBla'
> > >> user.
> > >> Thanks
> > >You probably have anon access allowed. Are you using svn or
> > apache/http? Perhaps showing us your config file would help. I
> > >think authorization is only applied to authenticated users.
> >
> > >BOb
> >
> > anon-access = none
> > password-db = passwd
> > authz-db = authz
> >
> > I'm using svn (svnserve.exe). There is a mistake in the previous
> > post: 'test_user' is without the '_' character. So the only user in
> > passwd is 'testuser'. Every user different from 'testuser' does not
> > get authentication, while 'TESTUSER' gets authentication, but he's
> > not authorized to commit. (while 'testuser' is). It seems that
> > 'TESTUSER' and 'testuser' are the same from the authentication
> > point of view, while they are different from the authorization
> > point of view. Instead, I would expect for 'TESTUSER' to not be
> > authenticated. Am I right or am I missing something? Thanks.
> > On Fri, Oct 8, 2010 at 4:51 PM, Bob Archer <Bob.Archer_at_amsi.com>
> > wrote:
>
> You are possibly correct. I know that svn is case sensitive. However, the
> authentication may not be. If you authenticate using lower case can you do
> your commit?
>
> BOb
>
>
Sure, 'testuser' can commit
Received on 2010-10-08 17:34:10 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.