From users-return-5255-daniel=haxx.se@subversion.apache.org Fri Oct 8 17:34:10 2010 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on giant.haxx.se X-Spam-Level: X-Spam-Status: No, score=0.5 required=3.0 tests=BAYES_00,FREEMAIL_FROM, HTML_MESSAGE,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=no version=3.3.1 Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o98FY9Xg026251 for ; Fri, 8 Oct 2010 17:34:09 +0200 Received: (qmail 62328 invoked by uid 500); 8 Oct 2010 15:34:01 -0000 Mailing-List: contact users-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@subversion.apache.org Received: (qmail 62321 invoked by uid 99); 8 Oct 2010 15:34:01 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 08 Oct 2010 15:34:01 +0000 X-ASF-Spam-Status: No, hits=4.4 required=10.0 tests=FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS Received-SPF: pass (nike.apache.org: domain of ibazar83@gmail.com designates 74.125.83.43 as permitted sender) Received: from [74.125.83.43] (HELO mail-gw0-f43.google.com) (74.125.83.43) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 08 Oct 2010 15:33:54 +0000 Received: by gwb19 with SMTP id 19so428331gwb.16 for ; Fri, 08 Oct 2010 08:33:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=F3eWIigyEXLVXg4uPUU529FE48estCs2XVlYUvO21nQ=; b=EH7B2N14fFvnLJb0GTTOM/ihnDy7jDMaDYVkh1/FHmDcYed9N2C2dfTC2nThfTnlRM 82DcYFcJlzb2X/NAmwurGIq0gbyg9LeK+4YnKYHSvxp/Vxcwq7tYy2vYnfP7rI6Ibczv 9jIZI5kIN+DlZC8u3BurDGaT9OKuxl5FwgIdo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=hBfkilqtuDBqymhfYUAA7+190CVwUs1ih/ZPArH0WK0YlwGHjeXRVoVoSxcGXsYT8g OoHTUDzKgfarQWtyELCE4BFN4W07PuWQzhA9RMuXSLwcgZw1DV4JwfHO0W92tZTPuGkV FIc3Vvp1+EatLpNtiOvSCP+u6Wu40g3BklxVc= MIME-Version: 1.0 Received: by 10.151.83.13 with SMTP id k13mr3249839ybl.54.1286552013088; Fri, 08 Oct 2010 08:33:33 -0700 (PDT) Received: by 10.151.14.12 with HTTP; Fri, 8 Oct 2010 08:33:33 -0700 (PDT) In-Reply-To: References: Date: Fri, 8 Oct 2010 17:33:33 +0200 Message-ID: Subject: Re: User authentication\authorization upper-lower case From: Claudio Corona To: Bob Archer Cc: "users@subversion.apache.org" Content-Type: multipart/alternative; boundary=000e0cd3be46b9db1f04921cbbe6 X-Virus-Checked: Checked by ClamAV on apache.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 08 Oct 2010 17:34:10 +0200 (CEST) X-Friend: Nope --000e0cd3be46b9db1f04921cbbe6 Content-Type: text/plain; charset=ISO-8859-1 On Fri, Oct 8, 2010 at 5:30 PM, Bob Archer wrote: > > >> Hi all. I have a problem with SVN. I have the (only) user > > >> 'test_user' (in the 'passwd' file) having 'rw' on the entire > > >> repository. Why am I able to get *authenticated* with the user > > >> 'TESTUSER' (but not *authorized* to commit)? Note that only > > >> authenticated user can access and read from my repository, so > > >> 'TESTUSER' should not be authenticated, as it happens for all > > the > > >> users not appearing in the passwd file, for example the > > 'BlaBlaBla' > > >> user. > > >> Thanks > > >You probably have anon access allowed. Are you using svn or > > apache/http? Perhaps showing us your config file would help. I > > >think authorization is only applied to authenticated users. > > > > >BOb > > > > anon-access = none > > password-db = passwd > > authz-db = authz > > > > I'm using svn (svnserve.exe). There is a mistake in the previous > > post: 'test_user' is without the '_' character. So the only user in > > passwd is 'testuser'. Every user different from 'testuser' does not > > get authentication, while 'TESTUSER' gets authentication, but he's > > not authorized to commit. (while 'testuser' is). It seems that > > 'TESTUSER' and 'testuser' are the same from the authentication > > point of view, while they are different from the authorization > > point of view. Instead, I would expect for 'TESTUSER' to not be > > authenticated. Am I right or am I missing something? Thanks. > > On Fri, Oct 8, 2010 at 4:51 PM, Bob Archer > > wrote: > > You are possibly correct. I know that svn is case sensitive. However, the > authentication may not be. If you authenticate using lower case can you do > your commit? > > BOb > > Sure, 'testuser' can commit --000e0cd3be46b9db1f04921cbbe6 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On Fri, Oct 8, 2010 at 5:30 PM, Bob Archer <Bob.Archer@amsi.com= > wrote:
> >> Hi all. I have a problem wi= th SVN. I have the (only) user
> >> 'test_user' (in the 'passwd' file) having = 9;rw' on the entire
> >> repository. Why am I able to get *authenticated* with the use= r
> >> 'TESTUSER' (but not *authorized* to commit)? Note tha= t only
> >> authenticated user can access and read from my repository, so=
> >> 'TESTUSER' should not be authenticated, as it happens= for all
> the
> >> users not appearing in the passwd file, for example the
> 'BlaBlaBla'
> >> user.
> >> Thanks
> >You probably have anon access allowed. Are you using svn or
> apache/http? Perhaps showing us your config file would help. I
> >think authorization is only applied to authenticated users.
>
> >BOb
>
> anon-access =3D none
> password-db =3D passwd
> authz-db =3D authz
>
> I'm using svn (svnserve.exe). There is a mistake in the previous > post: 'test_user' is without the '_' character. So the= only user in
> passwd is 'testuser'. Every user different from 'testuser&= #39; does not
> get authentication, while 'TESTUSER' gets authentication, but = he's
> not authorized to commit. (while 'testuser' is). It seems that=
> 'TESTUSER' and 'testuser' are the same from the authen= tication
> point of view, while they are different from the authorization
> point of view. Instead, I would expect for 'TESTUSER' to not b= e
> authenticated. Am I right or am I missing something? Thanks.
> On Fri, Oct 8, 2010 at 4:51 PM, Bob Archer <Bob.Archer@amsi.com>
> wrote:

You are possibly correct. I know that svn is case sensitive. Ho= wever, the authentication may not be. If you authenticate using lower case = can you do your commit?

BOb


Sure, 'testuser' can commit
--000e0cd3be46b9db1f04921cbbe6--