[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN E170001: Authentication error with specific user/realm/pw combinations while many other work!

From: Nico Kadel-Garcia <nkadel_at_gmail.com>
Date: Sat, 14 Apr 2018 11:49:26 -0400

Sorry, hit "send" too early on my previous note!

>> On 13.04.2018 19:55, NOCERA, ANDY wrote:
>>>
>>> Summary: SVN E170001: Authentication error with specific user/realm/pw
>>> combinations while many other work!
>>>
>>>
>>>
>>>
>>>
>>> Observations/Workarounds
>>>
>>>
>>>
>>> While there is a work around, by simply changing the password, we have
>>> an unusual reoccurring issue with some user/realm/password
>>> combinations. It’s a problem
>>>
>>> setting the same password to many repos.
>>>
>>>
>>>
>>> The issue shows up under both CRAM-MD5 and DIGEST-MD5, but not for the
>>> same user/realm/password.
>>>
>>>
>>>
>>>
>>>
>>> From and SVN perspective:
>>>
>>> How do I get svn/svnserve to log the hashed response so I can compare
>>> it outside of SASL and MYSQL.

I think you're going to hurt yourself. My working assumption is that
you've used a customized httpd configuration to manage authentication
through a MySQL back end, and the issue has nothing to do with
Subversion itself. It has to do with maintenance of that MySQL back
end. If possible, set up a test server to allow the same
authentication technology to access a simple testable website, even a
folder with just "index.html" in it, and test your password based
access to *that*, ideally with an entirely distinct user.

Mind you, storing passwords in MySQL is its own potential adventure.
It's useful, but many implementations have been quite poor. Why are
you doing this?

Also, are there other processes which may be uploading or modifing
passwords for your back end, and resetting them? Or is there a MySQL
cluster which has, perhaps, become split brain and keeps passing
around broken password rows in your MySQL database?
Received on 2018-04-14 17:49:31 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.