You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Stephen Davis <su...@soundgeek.org> on 2005/03/06 18:55:20 UTC
bug or user confusion?
I was playing around with svnserve and created a scenario that seems
like a bug. Admittedly, it's contrived. I'll file an issue if
confirmed as a bug.
# assuming a repo at /svn
# create svnserve.conf like so:
[general]
password-db = users
realm = soundgeek
# anonymous users can do nothing
anon-access = none
# authenticated users can both read and write
auth-access = write
# create a users file like so (note that user1 and user2 have the same
password):
[users]
user1 = passw
user2 = passw
# run svnserve
svnserve -d
# co repo as user1
svn co svn://localhost/svn user1 --username user1
< enter password >
# co repo as user2
svn co svn://localhost/svn user2 --username user2
*** no password is requested and the checkout occurs ***
If I look in the auth/svn.simple/ file for this realm, it has been
updated with user2's username.
K 8
password
V 5
passw
K 15
svn:realmstring
V 32
<svn://localhost:3690> soundgeek
K 8
username
V 5
user2
END
Even though the passwords are the same, should the auth system be
picking up the cached password from user1? Maybe this is by design but
it seems kind of odd to me.
stephen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: bug or user confusion?
Posted by Stephen Davis <su...@soundgeek.org>.
On Mar 6, 2005, at 12:15 PM, Max Bowsher wrote:
> Stephen Davis wrote:
>> I was playing around with svnserve and created a scenario that seems
>> like a bug. Admittedly, it's contrived. I'll file an issue if
>> confirmed as a bug.
>> # assuming a repo at /svn
>> # create svnserve.conf like so:
>> [general]
>> password-db = users
>> realm = soundgeek
>> # anonymous users can do nothing
>> anon-access = none
>> # authenticated users can both read and write
>> auth-access = write
>> # create a users file like so (note that user1 and user2 have the same
>> password):
>> [users]
>> user1 = passw
>> user2 = passw
>> # run svnserve
>> svnserve -d
>> # co repo as user1
>> svn co svn://localhost/svn user1 --username user1
>> < enter password >
>> # co repo as user2
>> svn co svn://localhost/svn user2 --username user2
>> *** no password is requested and the checkout occurs ***
>> If I look in the auth/svn.simple/ file for this realm, it has been
>> updated with user2's username.
>> K 8
>> password
>> V 5
>> passw
>> K 15
>> svn:realmstring
>> V 32
>> <svn://localhost:3690> soundgeek
>> K 8
>> username
>> V 5
>> user2
>> END
>> Even though the passwords are the same, should the auth system be
>> picking up the cached password from user1? Maybe this is by design
>> but
>> it seems kind of odd to me.
>
> Seems like a bug to me - a fairly minor bug, but a bug nonetheless.
> Please go ahead and file.
http://subversion.tigris.org/issues/show_bug.cgi?id=2242
stephen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: bug or user confusion?
Posted by Max Bowsher <ma...@ukf.net>.
Stephen Davis wrote:
> I was playing around with svnserve and created a scenario that seems
> like a bug. Admittedly, it's contrived. I'll file an issue if
> confirmed as a bug.
>
> # assuming a repo at /svn
>
> # create svnserve.conf like so:
> [general]
> password-db = users
> realm = soundgeek
>
> # anonymous users can do nothing
> anon-access = none
>
> # authenticated users can both read and write
> auth-access = write
>
> # create a users file like so (note that user1 and user2 have the same
> password):
> [users]
> user1 = passw
> user2 = passw
>
> # run svnserve
> svnserve -d
>
> # co repo as user1
> svn co svn://localhost/svn user1 --username user1
> < enter password >
>
> # co repo as user2
> svn co svn://localhost/svn user2 --username user2
>
> *** no password is requested and the checkout occurs ***
>
> If I look in the auth/svn.simple/ file for this realm, it has been
> updated with user2's username.
>
> K 8
> password
> V 5
> passw
> K 15
> svn:realmstring
> V 32
> <svn://localhost:3690> soundgeek
> K 8
> username
> V 5
> user2
> END
>
> Even though the passwords are the same, should the auth system be
> picking up the cached password from user1? Maybe this is by design but
> it seems kind of odd to me.
Seems like a bug to me - a fairly minor bug, but a bug nonetheless.
Please go ahead and file.
Max.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org