I agree that anon-access=read should work. From looking at the code,
I'm not sure whether the SASL glue logic signals "I couldn't auth this
user", or just returns an error. In the meantime, as a workaround, does
adding ANONYMOUS to the mech_list achieve the desired behaviour?
Gingko wrote on Wed, Nov 10, 2010 at 21:04:50 +0100:
> ----- Original Message ----- From: "Gingko"
> <from_tigris_at_nospam.homelinux.org>
> To: "Subversion User List" <users_at_subversion.apache.org>
> Sent: Wednesday, November 10, 2010 5:39 PM
> Subject: svnserve : anonymous access not working
>
>
>> Hello,
>>
>> I have a problem with svnserve :
>>
>> I want to configure it for allowing anonymous users to read it, but this
>> don't work :
>> if I checkout (using TortoiseSVN), I am always asked to supply my
>> password.
>>
>> If I do it, the checkout works fine.
>>
>> Otherwise I cannot checkout.
>>
>> And if I click "OK" (in the TortoiseSVN authentication dialog) without
>> giving any authentication (leaving all fields empty), I get the following
>> message :
>>
>> SASL(-1): generic failure: Unable to find a callback: 2
>>
>> svnserve (from Subversion 1.6.12) runs on a Linux server with Debian lenny
>> 5.0 (64 bit edition).
>>
>> The "svnserve.conf" file for that repository contains the following :
>> ------------------------------------------------------------------------------------------------
>> [general]
>> anon-access = read
>> auth-access = write
>> realm = Référentiel Pouchin TV Mod
>>
>> [sasl]
>> use-sasl = true
>> min-encryption = 128
>> max-encryption = 256
>> ------------------------------------------------------------------------------------------------
>>
>> For SASL, I have also a "svn.conf" file in the "/etc/" directory,
>> containing the
>> following :
>> ------------------------------------------------------------------------------------------------
>> pwcheck_method: auxprop
>> auxprop_plugin: sasldb
>> sasldb_path: /var/lib/svn/sasldb
>> mech_list: DIGEST-MD5
>> ------------------------------------------------------------------------------------------------
>>
>> Note that there is also an Apache access, running concurrently, which
>> works
>> fine for anonymous reading. But I also want this anonymous access on
>> svnserve.
>>
>> svnserve is configured for logging all accesses, but the log doesn't
>> record
>> anything during theses failing anonymous accesses.
>>
>> svnserve is launched through the "inetd.conf" file, and the corresponding
>> line is :
>>
>> svn stream tcp nowait www-data
>> /usr/bin/svnserve svnserve -i --log-file /var/log/svnserve.log -r
>> /var/lib/svn
>>
>> I don't understand why it doesn't work.
>>
>> Isn't it enough to set "anon-access = read" for allowing anonymous reading
>> access ?
>> What am I doing wrong ?
>>
>> Best regards,
>>
>> Gingko
>
>
>
> Hello again,
>
> While searching on the web, I found a one year old message thread from
> this very same list describing, on its very last message, a case that
> looks like my one.
>
> Unfortunately, the question has never been answered (maybe because not
> clearly asked, or maybe because the message was sent just before
> Subversion moved from Tigris to Apache?).
>
> http://svn.haxx.se/users/archive-2009-11/0313.shtml
>
> Please, could you confirm that it is really possible to use svnserve with
> SASL (for writing), AND allowing anonymous read access at once?
>
> Gingko
>
>
>
Received on 2010-11-10 22:49:39 CET