You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Ro...@enercon.de on 2008/10/23 11:50:09 UTC
Browsing via HTTPS needs authentication
Hi there,
I configured a Win32 Apache Server with the SSPI mod to use the Windows
Domain User data in TortoiseSVN. It all works really fine.
But when I'm browings via the Internet Explorer in the repository trees, I
don't need to verify my user account.
So everybody can download data from the repositories.
What do I have to change so the SSPI authentication works on the web, too?
Mit freundlichen Grüßen
Robin Güldenpfennig
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robin Güldenpfennig
Service IT / SCADA Department
ENERCON Service Center
Dornumer Straße 20
26607 Aurich / Germany
mailto:Robin.Gueldenpfennig@enercon.de
http://www.enercon.de
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
eines technischen Fehlers oder eines Versehens erhalten haben, informieren
Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
enthaltenen Informationen an Dritte ist nicht gestattet.
This e-mail message together with its attachments, if any, is confidential
and may contain information subject to legal privilege (e.g.
attorney-client-privilege). If you are not the intended recipient or have
received this e-mail in error, please inform us immediately and delete this
message. Any unauthorised copying of this message (and attachments) or
unauthorised distribution of the information contained herein is
prohibited.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Antwort: RE: Antwort: Re: Browsing via HTTPS needs authentication
Posted by Ro...@enercon.de.
Hi Paul,
I'm not that far with configuring my Apache server. But I'm right on it to
include an AuthzSVNAccessFile.
I will keep you up to date with my upcomming solutions.
Mit freundlichen Grüßen
Robin Güldenpfennig
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robin Güldenpfennig
Service IT / SCADA Department
ENERCON Service Center
Dornumer Straße 20
26607 Aurich / Germany
mailto:Robin.Gueldenpfennig@enercon.de
http://www.enercon.de
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
eines technischen Fehlers oder eines Versehens erhalten haben, informieren
Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
enthaltenen Informationen an Dritte ist nicht gestattet.
This e-mail message together with its attachments, if any, is confidential
and may contain information subject to legal privilege (e.g.
attorney-client-privilege). If you are not the intended recipient or have
received this e-mail in error, please inform us immediately and delete this
message. Any unauthorised copying of this message (and attachments) or
unauthorised distribution of the information contained herein is
prohibited.
"Gillis, Paul"
<pgillis@insight-
tek.com> An
<Ro...@enercon.de>
23.10.2008 14:59 , "vishwajeet singh"
<de...@gmail.com>
Kopie
<us...@subversion.tigris.org>
Thema
RE: Antwort: Re: Browsing via
HTTPS needs authentication
I missed the answer to your question. What was it?
I have the same Windows SSPI setup here and an IE browser does not
recognize any of the repository folder level read restrictions in my
AuthzSVNAccessFile. But the TSVN and SVN clients do.
- Paul
>-----Original Message-----
>From: Robin.Gueldenpfennig@enercon.de
>[mailto:Robin.Gueldenpfennig@enercon.de]
>Sent: Thursday, October 23, 2008 8:45 AM
>To: vishwajeet singh
>Cc: users@subversion.tigris.org
>Subject: Antwort: Re: Browsing via HTTPS needs authentication
>
>Hi and thanks for the fast answer!
>
>You are kind of right. The SSPI mod also checks your domain account when
>accessing via a browser. From outside the corporation domain there is no
>access.
>I just checked the apache logs and I think this no more problem now.
>
>best regards
>Robin Güldenpfennig
>
>
>
>
>
> "vishwajeet
> singh"
> <dextrous85@gmail An
> .com> Robin.Gueldenpfennig@enercon.de
> Kopie
> 23.10.2008 14:27 users@subversion.tigris.org
> Thema
> Re: Browsing via HTTPS needs
> authentication
>
>
>
>
>
>
>
>
>
>
>It work works fine with web too but Internet explorer shows extra ordernay
>talent by automatically passing your credentials.
>You can test this with any other browser; it will definetley prompt you
for
>password.
>or for quick check you can ask some on who does not have access to
>repository to browse through repository or you can try even your self by
>clearing cahce.
>
>2008/10/23 <Ro...@enercon.de>
>
> Hi there,
>
> I configured a Win32 Apache Server with the SSPI mod to use the
> Windows
> Domain User data in TortoiseSVN. It all works really fine.
>
> But when I'm browings via the Internet Explorer in the repository
> trees, I
> don't need to verify my user account.
>
> So everybody can download data from the repositories.
>
> What do I have to change so the SSPI authentication works on the
web,
> too?
>
> Mit freundlichen Grüßen
> Robin Güldenpfennig
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Robin Güldenpfennig
> Service IT / SCADA Department
>
> ENERCON Service Center
> Dornumer Straße 20
> 26607 Aurich / Germany
>
> mailto:Robin.Gueldenpfennig@enercon.de
> http://www.enercon.de
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Diese E-Mail und mögliche Anhänge enthalten vertrauliche
> Informationen, die
> rechtlich besonders geschützt sein können. Wenn Sie nicht der
> beabsichtigte
> Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
> aufgrund
> eines technischen Fehlers oder eines Versehens erhalten haben,
> informieren
> Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
> unbefugte
> Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
> Weitergabe der
> enthaltenen Informationen an Dritte ist nicht gestattet.
>
> This e-mail message together with its attachments, if any, is
> confidential
> and may contain information subject to legal privilege (e.g.
> attorney-client-privilege). If you are not the intended recipient or
> have
> received this e-mail in error, please inform us immediately and
> delete this
> message. Any unauthorised copying of this message (and attachments)
> or
> unauthorised distribution of the information contained herein is
> prohibited.
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>
>
>--
>Cheers,
>Vishwajeet
>http://www.singhvishwajeet.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org
This e-mail message and all attachments thereto may contain technical data
that is subject to export control regulations, or confidential material,
and is for the sole use of the intended recipients. Review, dissemination,
or other use by anyone else is prohibited. If you are not an intended
recipient, please contact the sender and delete all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Browsing via HTTPS needs authentication
Posted by Ro...@enercon.de.
Hi Paul,
I think the problem is that:
> [/]
> * = r
> @admin = rw
It means that everyboy gets read access to every repository under your root
directory. But in that case TortoiseSVN should react like that, too.
Hmm. Just out comment "* = r" and check the effects.
Mit freundlichen Grüßen
Robin Güldenpfennig
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robin Güldenpfennig
Service IT / SCADA Department
ENERCON Service Center
Dornumer Straße 20
26607 Aurich / Germany
mailto:Robin.Gueldenpfennig@enercon.de
http://www.enercon.de
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
eines technischen Fehlers oder eines Versehens erhalten haben, informieren
Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
enthaltenen Informationen an Dritte ist nicht gestattet.
This e-mail message together with its attachments, if any, is confidential
and may contain information subject to legal privilege (e.g.
attorney-client-privilege). If you are not the intended recipient or have
received this e-mail in error, please inform us immediately and delete this
message. Any unauthorised copying of this message (and attachments) or
unauthorised distribution of the information contained herein is
prohibited.
"Gillis, Paul" <pg...@insight-tek.com> schrieb am 27.10.2008 16:06:53:
>
> Hi Robin,
>
> With an AuthzSVNAccessFile that looks like this, I expect that I
> would not be able to open the Release subfolder in my Test
> repository. SVN and TSVN will not let me. But with an IE browser,
> I can open it and view its content.
>
> [groups]
> admin = gillis_p, patel_n
> eng = brock_c, richardson_d
>
> [/]
> * = r
> @admin = rw
>
> [Test:/]
> @admin = rw
> richardson_d = rw
> [Test:/Release]
> gillis_p =
>
>
> - Paul
>
> >-----Original Message-----
> >From: Robin.Gueldenpfennig@enercon.de
> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >Sent: Monday, October 27, 2008 7:10 AM
> >To: Gillis, Paul
> >Cc: users@subversion.tigris.org
> >Subject: Antwort: RE: Browsing via HTTPS needs authentication
> >
> >Yes, exactly. We are using Internet Explorer Version 6.0
> >
> >How does your svn access file look like? Your authentication goes
through
> >SSPI?
> >
> >Mit freundlichen Grüßen
> >Robin Güldenpfennig
> >
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >Robin Güldenpfennig
> >Service IT / SCADA Department
> >
> >ENERCON Service Center
> >Dornumer Straße 20
> >26607 Aurich / Germany
> >
> >mailto:Robin.Gueldenpfennig@enercon.de
> >http://www.enercon.de
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen,
die
> >rechtlich besonders geschützt sein können. Wenn Sie nicht der
beabsichtigte
> >Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
aufgrund
> >eines technischen Fehlers oder eines Versehens erhalten haben,
informieren
> >Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
unbefugte
> >Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe
der
> >enthaltenen Informationen an Dritte ist nicht gestattet.
> >
> >This e-mail message together with its attachments, if any, is
confidential
> >and may contain information subject to legal privilege (e.g.
> >attorney-client-privilege). If you are not the intended recipient or
have
> >received this e-mail in error, please inform us immediately and delete
this
> >message. Any unauthorised copying of this message (and attachments) or
> >unauthorised distribution of the information contained herein is
> >prohibited.
> >
> >"Gillis, Paul" <pg...@insight-tek.com> schrieb am 27.10.2008 12:00:45:
> >
> >> So are you saying that devTeam01 cannot open Project2 with an IE
browser?
> >
> >> I can get a browser to open all my repositories. I just can't read
> >> restrict them with the permissions that are set in my
AuthzSVNAccessfile.
> >>
> >> Thanks!
> >>
> >> - Paul
> >>
> >> >-----Original Message-----
> >> >From: Robin.Gueldenpfennig@enercon.de
> >> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >> >Sent: Friday, October 24, 2008 6:07 AM
> >> >To: Gillis, Paul
> >> >Cc: users@subversion.tigris.org
> >> >Subject: Re: Browsing via HTTPS needs authentication
> >> >
> >> >Hi Paul,
> >> >
> >> >I set up an AuthzSVNAccessfile now. It's working fine with IE browser
> >and
> >> >with TortoiseSVN
> >> >
> >> >It looks like that:
> >> >
> >> >[groups]
> >> >admin = rgueldenpfennig
> >> >devTeam01 = bjohnson, kdirk
> >> >devtTeam02 = lkeys, rmeier
> >> >
> >> >=======================
> >> >svnaccessfile.conf
> >> >
> >> >[/]
> >> >@admin = rw
> >> >
> >> >[Project1:/]
> >> >@devTeam01 = rw
> >> >bschulte = r
> >> >
> >> >[Project2:/]
> >> >@devTeam02 = rw
> >> >
> >> >=======================
> >> >
> >> >The whole authentication goes over the SSPI module
> >> >
> >> >Mit freundlichen Grüßen
> >> >Robin Güldenpfennig
> >> >
> >> >"Gillis, Paul" <pg...@insight-tek.com> schrieb am 23.10.2008
14:58:46:
> >> >
> >> >> I missed the answer to your question. What was it?
> >> >>
> >> >> I have the same Windows SSPI setup here and an IE browser does not
> >> >> recognize any of the repository folder level read restrictions in
my
> >> >> AuthzSVNAccessFile. But the TSVN and SVN clients do.
> >> >>
> >> >> - Paul
> >> >>
> >> >> >-----Original Message-----
> >> >> >From: Robin.Gueldenpfennig@enercon.de
> >> >> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >> >> >Sent: Thursday, October 23, 2008 8:45 AM
> >> >> >To: vishwajeet singh
> >> >> >Cc: users@subversion.tigris.org
> >> >> >Subject: Antwort: Re: Browsing via HTTPS needs authentication
> >> >> >
> >> >> >Hi and thanks for the fast answer!
> >> >> >
> >> >> >You are kind of right. The SSPI mod also checks your domain
account
> >when
> >> >> >accessing via a browser. From outside the corporation domain there
is
> >no
> >> >> >access.
> >> >> >I just checked the apache logs and I think this no more problem
now.
> >> >> >
> >> >> >best regards
> >> >> >Robin Güldenpfennig
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> > "vishwajeet
> >> >> > singh"
> >> >> > <dextrous85@gmail
> >> >An
> >> >> > .com>
> >Robin.Gueldenpfennig@enercon.de
> >> >> >
> >> >Kopie
> >> >> > 23.10.2008 14:27
users@subversion.tigris.org
> >> >> >
> >> >Thema
> >> >> > Re: Browsing via HTTPS
needs
> >> >> > authentication
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >It work works fine with web too but Internet explorer shows extra
> >> >ordernay
> >> >> >talent by automatically passing your credentials.
> >> >> >You can test this with any other browser; it will definetley
prompt
> >you
> >> >for
> >> >> >password.
> >> >> >or for quick check you can ask some on who does not have access to
> >> >> >repository to browse through repository or you can try even your
self
> >by
> >> >> >clearing cahce.
> >> >> >
> >> >> >2008/10/23 <Ro...@enercon.de>
> >> >> >
> >> >> > Hi there,
> >> >> >
> >> >> > I configured a Win32 Apache Server with the SSPI mod to use
the
> >> >> > Windows
> >> >> > Domain User data in TortoiseSVN. It all works really fine.
> >> >> >
> >> >> > But when I'm browings via the Internet Explorer in the
> >repository
> >> >> > trees, I
> >> >> > don't need to verify my user account.
> >> >> >
> >> >> > So everybody can download data from the repositories.
> >> >> >
> >> >> > What do I have to change so the SSPI authentication works on
> >the
> >> >web,
> >> >> > too?
> >> >> >
> >> >> > Mit freundlichen Grüßen
> >> >> > Robin Güldenpfennig
> >> >> >
> >> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >> >> > Robin Güldenpfennig
> >> >> > Service IT / SCADA Department
> >> >> >
> >> >> > ENERCON Service Center
> >> >> > Dornumer Straße 20
> >> >> > 26607 Aurich / Germany
> >> >> >
> >> >> > mailto:Robin.Gueldenpfennig@enercon.de
> >> >> > http://www.enercon.de
> >> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >> >> > Diese E-Mail und mögliche Anhänge enthalten vertrauliche
> >> >> > Informationen, die
> >> >> > rechtlich besonders geschützt sein können. Wenn Sie nicht
der
> >> >> > beabsichtigte
> >> >> > Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail
> >etwa
> >> >> > aufgrund
> >> >> > eines technischen Fehlers oder eines Versehens erhalten
haben,
> >> >> > informieren
> >> >> > Sie uns bitte sofort und löschen Sie anschließend die
E-Mail.
> >Das
> >> >> > unbefugte
> >> >> > Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
> >> >> > Weitergabe der
> >> >> > enthaltenen Informationen an Dritte ist nicht gestattet.
> >> >> >
> >> >> > This e-mail message together with its attachments, if any,
is
> >> >> > confidential
> >> >> > and may contain information subject to legal privilege (e.g.
> >> >> > attorney-client-privilege). If you are not the intended
> >recipient
> >> >or
> >> >> > have
> >> >> > received this e-mail in error, please inform us immediately
and
> >> >> > delete this
> >> >> > message. Any unauthorised copying of this message (and
> >> >attachments)
> >> >> > or
> >> >> > unauthorised distribution of the information contained
herein
> >is
> >> >> > prohibited.
> >> >> >
> >> >> >
> >> >> >
> >> >---------------------------------------------------------------------
> >> >> > To unsubscribe, e-mail:
users-unsubscribe@subversion.tigris.org
> >> >> > For additional commands, e-mail:
> >users-help@subversion.tigris.org
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >--
> >> >> >Cheers,
> >> >> >Vishwajeet
> >> >> >http://www.singhvishwajeet.com
> >> >> >
> >> >> >
> >> >>
>---------------------------------------------------------------------
> >> >> >To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> >> >For additional commands, e-mail: users-help@subversion.tigris.org
> >> >>
> >> >>
> >> >>
> >> >> This e-mail message and all attachments thereto may contain
> >> >> technical data that is subject to export control regulations, or
> >> >> confidential material, and is for the sole use of the intended
> >> >> recipients. Review, dissemination, or other use by anyone else is
> >> >> prohibited. If you are not an intended recipient, please contact
the
> >> >> sender and delete all copies.
> >> >>
> >> >>
---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> >> For additional commands, e-mail: users-help@subversion.tigris.org
> >> >>
> >>
> >>
> >>
> >> This e-mail message and all attachments thereto may contain
> >> technical data that is subject to export control regulations, or
> >> confidential material, and is for the sole use of the intended
> >> recipients. Review, dissemination, or other use by anyone else is
> >> prohibited. If you are not an intended recipient, please contact the
> >> sender and delete all copies.
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> For additional commands, e-mail: users-help@subversion.tigris.org
> >>
>
>
>
> This e-mail message and all attachments thereto may contain
> technical data that is subject to export control regulations, or
> confidential material, and is for the sole use of the intended
> recipients. Review, dissemination, or other use by anyone else is
> prohibited. If you are not an intended recipient, please contact the
> sender and delete all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Antwort: RE: Browsing via HTTPS needs authentication
Posted by "Gillis, Paul" <pg...@insight-tek.com>.
Hi Robin,
With an AuthzSVNAccessFile that looks like this, I expect that I would not be able to open the Release subfolder in my Test repository. SVN and TSVN will not let me. But with an IE browser, I can open it and view its content.
[groups]
admin = gillis_p, patel_n
eng = brock_c, richardson_d
[/]
* = r
@admin = rw
[Test:/]
@admin = rw
richardson_d = rw
[Test:/Release]
gillis_p =
- Paul
>-----Original Message-----
>From: Robin.Gueldenpfennig@enercon.de
>[mailto:Robin.Gueldenpfennig@enercon.de]
>Sent: Monday, October 27, 2008 7:10 AM
>To: Gillis, Paul
>Cc: users@subversion.tigris.org
>Subject: Antwort: RE: Browsing via HTTPS needs authentication
>
>Yes, exactly. We are using Internet Explorer Version 6.0
>
>How does your svn access file look like? Your authentication goes through
>SSPI?
>
>Mit freundlichen Grüßen
>Robin Güldenpfennig
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>Robin Güldenpfennig
>Service IT / SCADA Department
>
>ENERCON Service Center
>Dornumer Straße 20
>26607 Aurich / Germany
>
>mailto:Robin.Gueldenpfennig@enercon.de
>http://www.enercon.de
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
>rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
>Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
>eines technischen Fehlers oder eines Versehens erhalten haben, informieren
>Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
>Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
>enthaltenen Informationen an Dritte ist nicht gestattet.
>
>This e-mail message together with its attachments, if any, is confidential
>and may contain information subject to legal privilege (e.g.
>attorney-client-privilege). If you are not the intended recipient or have
>received this e-mail in error, please inform us immediately and delete this
>message. Any unauthorised copying of this message (and attachments) or
>unauthorised distribution of the information contained herein is
>prohibited.
>
>"Gillis, Paul" <pg...@insight-tek.com> schrieb am 27.10.2008 12:00:45:
>
>> So are you saying that devTeam01 cannot open Project2 with an IE browser?
>
>> I can get a browser to open all my repositories. I just can't read
>> restrict them with the permissions that are set in my AuthzSVNAccessfile.
>>
>> Thanks!
>>
>> - Paul
>>
>> >-----Original Message-----
>> >From: Robin.Gueldenpfennig@enercon.de
>> >[mailto:Robin.Gueldenpfennig@enercon.de]
>> >Sent: Friday, October 24, 2008 6:07 AM
>> >To: Gillis, Paul
>> >Cc: users@subversion.tigris.org
>> >Subject: Re: Browsing via HTTPS needs authentication
>> >
>> >Hi Paul,
>> >
>> >I set up an AuthzSVNAccessfile now. It's working fine with IE browser
>and
>> >with TortoiseSVN
>> >
>> >It looks like that:
>> >
>> >[groups]
>> >admin = rgueldenpfennig
>> >devTeam01 = bjohnson, kdirk
>> >devtTeam02 = lkeys, rmeier
>> >
>> >=======================
>> >svnaccessfile.conf
>> >
>> >[/]
>> >@admin = rw
>> >
>> >[Project1:/]
>> >@devTeam01 = rw
>> >bschulte = r
>> >
>> >[Project2:/]
>> >@devTeam02 = rw
>> >
>> >=======================
>> >
>> >The whole authentication goes over the SSPI module
>> >
>> >Mit freundlichen Grüßen
>> >Robin Güldenpfennig
>> >
>> >"Gillis, Paul" <pg...@insight-tek.com> schrieb am 23.10.2008 14:58:46:
>> >
>> >> I missed the answer to your question. What was it?
>> >>
>> >> I have the same Windows SSPI setup here and an IE browser does not
>> >> recognize any of the repository folder level read restrictions in my
>> >> AuthzSVNAccessFile. But the TSVN and SVN clients do.
>> >>
>> >> - Paul
>> >>
>> >> >-----Original Message-----
>> >> >From: Robin.Gueldenpfennig@enercon.de
>> >> >[mailto:Robin.Gueldenpfennig@enercon.de]
>> >> >Sent: Thursday, October 23, 2008 8:45 AM
>> >> >To: vishwajeet singh
>> >> >Cc: users@subversion.tigris.org
>> >> >Subject: Antwort: Re: Browsing via HTTPS needs authentication
>> >> >
>> >> >Hi and thanks for the fast answer!
>> >> >
>> >> >You are kind of right. The SSPI mod also checks your domain account
>when
>> >> >accessing via a browser. From outside the corporation domain there is
>no
>> >> >access.
>> >> >I just checked the apache logs and I think this no more problem now.
>> >> >
>> >> >best regards
>> >> >Robin Güldenpfennig
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > "vishwajeet
>> >> > singh"
>> >> > <dextrous85@gmail
>> >An
>> >> > .com>
>Robin.Gueldenpfennig@enercon.de
>> >> >
>> >Kopie
>> >> > 23.10.2008 14:27 users@subversion.tigris.org
>> >> >
>> >Thema
>> >> > Re: Browsing via HTTPS needs
>> >> > authentication
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >It work works fine with web too but Internet explorer shows extra
>> >ordernay
>> >> >talent by automatically passing your credentials.
>> >> >You can test this with any other browser; it will definetley prompt
>you
>> >for
>> >> >password.
>> >> >or for quick check you can ask some on who does not have access to
>> >> >repository to browse through repository or you can try even your self
>by
>> >> >clearing cahce.
>> >> >
>> >> >2008/10/23 <Ro...@enercon.de>
>> >> >
>> >> > Hi there,
>> >> >
>> >> > I configured a Win32 Apache Server with the SSPI mod to use the
>> >> > Windows
>> >> > Domain User data in TortoiseSVN. It all works really fine.
>> >> >
>> >> > But when I'm browings via the Internet Explorer in the
>repository
>> >> > trees, I
>> >> > don't need to verify my user account.
>> >> >
>> >> > So everybody can download data from the repositories.
>> >> >
>> >> > What do I have to change so the SSPI authentication works on
>the
>> >web,
>> >> > too?
>> >> >
>> >> > Mit freundlichen Grüßen
>> >> > Robin Güldenpfennig
>> >> >
>> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >> > Robin Güldenpfennig
>> >> > Service IT / SCADA Department
>> >> >
>> >> > ENERCON Service Center
>> >> > Dornumer Straße 20
>> >> > 26607 Aurich / Germany
>> >> >
>> >> > mailto:Robin.Gueldenpfennig@enercon.de
>> >> > http://www.enercon.de
>> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >> > Diese E-Mail und mögliche Anhänge enthalten vertrauliche
>> >> > Informationen, die
>> >> > rechtlich besonders geschützt sein können. Wenn Sie nicht der
>> >> > beabsichtigte
>> >> > Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail
>etwa
>> >> > aufgrund
>> >> > eines technischen Fehlers oder eines Versehens erhalten haben,
>> >> > informieren
>> >> > Sie uns bitte sofort und löschen Sie anschließend die E-Mail.
>Das
>> >> > unbefugte
>> >> > Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
>> >> > Weitergabe der
>> >> > enthaltenen Informationen an Dritte ist nicht gestattet.
>> >> >
>> >> > This e-mail message together with its attachments, if any, is
>> >> > confidential
>> >> > and may contain information subject to legal privilege (e.g.
>> >> > attorney-client-privilege). If you are not the intended
>recipient
>> >or
>> >> > have
>> >> > received this e-mail in error, please inform us immediately and
>> >> > delete this
>> >> > message. Any unauthorised copying of this message (and
>> >attachments)
>> >> > or
>> >> > unauthorised distribution of the information contained herein
>is
>> >> > prohibited.
>> >> >
>> >> >
>> >> >
>> >---------------------------------------------------------------------
>> >> > To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> >> > For additional commands, e-mail:
>users-help@subversion.tigris.org
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >--
>> >> >Cheers,
>> >> >Vishwajeet
>> >> >http://www.singhvishwajeet.com
>> >> >
>> >> >
>> >> >---------------------------------------------------------------------
>> >> >To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> >> >For additional commands, e-mail: users-help@subversion.tigris.org
>> >>
>> >>
>> >>
>> >> This e-mail message and all attachments thereto may contain
>> >> technical data that is subject to export control regulations, or
>> >> confidential material, and is for the sole use of the intended
>> >> recipients. Review, dissemination, or other use by anyone else is
>> >> prohibited. If you are not an intended recipient, please contact the
>> >> sender and delete all copies.
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> >> For additional commands, e-mail: users-help@subversion.tigris.org
>> >>
>>
>>
>>
>> This e-mail message and all attachments thereto may contain
>> technical data that is subject to export control regulations, or
>> confidential material, and is for the sole use of the intended
>> recipients. Review, dissemination, or other use by anyone else is
>> prohibited. If you are not an intended recipient, please contact the
>> sender and delete all copies.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> For additional commands, e-mail: users-help@subversion.tigris.org
>>
This e-mail message and all attachments thereto may contain technical data that is subject to export control regulations, or confidential material, and is for the sole use of the intended recipients. Review, dissemination, or other use by anyone else is prohibited. If you are not an intended recipient, please contact the sender and delete all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Antwort: RE: Browsing via HTTPS needs authentication
Posted by Ro...@enercon.de.
Yes, exactly. We are using Internet Explorer Version 6.0
How does your svn access file look like? Your authentication goes through
SSPI?
Mit freundlichen Grüßen
Robin Güldenpfennig
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robin Güldenpfennig
Service IT / SCADA Department
ENERCON Service Center
Dornumer Straße 20
26607 Aurich / Germany
mailto:Robin.Gueldenpfennig@enercon.de
http://www.enercon.de
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
eines technischen Fehlers oder eines Versehens erhalten haben, informieren
Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
enthaltenen Informationen an Dritte ist nicht gestattet.
This e-mail message together with its attachments, if any, is confidential
and may contain information subject to legal privilege (e.g.
attorney-client-privilege). If you are not the intended recipient or have
received this e-mail in error, please inform us immediately and delete this
message. Any unauthorised copying of this message (and attachments) or
unauthorised distribution of the information contained herein is
prohibited.
"Gillis, Paul" <pg...@insight-tek.com> schrieb am 27.10.2008 12:00:45:
> So are you saying that devTeam01 cannot open Project2 with an IE browser?
> I can get a browser to open all my repositories. I just can't read
> restrict them with the permissions that are set in my AuthzSVNAccessfile.
>
> Thanks!
>
> - Paul
>
> >-----Original Message-----
> >From: Robin.Gueldenpfennig@enercon.de
> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >Sent: Friday, October 24, 2008 6:07 AM
> >To: Gillis, Paul
> >Cc: users@subversion.tigris.org
> >Subject: Re: Browsing via HTTPS needs authentication
> >
> >Hi Paul,
> >
> >I set up an AuthzSVNAccessfile now. It's working fine with IE browser
and
> >with TortoiseSVN
> >
> >It looks like that:
> >
> >[groups]
> >admin = rgueldenpfennig
> >devTeam01 = bjohnson, kdirk
> >devtTeam02 = lkeys, rmeier
> >
> >=======================
> >svnaccessfile.conf
> >
> >[/]
> >@admin = rw
> >
> >[Project1:/]
> >@devTeam01 = rw
> >bschulte = r
> >
> >[Project2:/]
> >@devTeam02 = rw
> >
> >=======================
> >
> >The whole authentication goes over the SSPI module
> >
> >Mit freundlichen Grüßen
> >Robin Güldenpfennig
> >
> >"Gillis, Paul" <pg...@insight-tek.com> schrieb am 23.10.2008 14:58:46:
> >
> >> I missed the answer to your question. What was it?
> >>
> >> I have the same Windows SSPI setup here and an IE browser does not
> >> recognize any of the repository folder level read restrictions in my
> >> AuthzSVNAccessFile. But the TSVN and SVN clients do.
> >>
> >> - Paul
> >>
> >> >-----Original Message-----
> >> >From: Robin.Gueldenpfennig@enercon.de
> >> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >> >Sent: Thursday, October 23, 2008 8:45 AM
> >> >To: vishwajeet singh
> >> >Cc: users@subversion.tigris.org
> >> >Subject: Antwort: Re: Browsing via HTTPS needs authentication
> >> >
> >> >Hi and thanks for the fast answer!
> >> >
> >> >You are kind of right. The SSPI mod also checks your domain account
when
> >> >accessing via a browser. From outside the corporation domain there is
no
> >> >access.
> >> >I just checked the apache logs and I think this no more problem now.
> >> >
> >> >best regards
> >> >Robin Güldenpfennig
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > "vishwajeet
> >> > singh"
> >> > <dextrous85@gmail
> >An
> >> > .com>
Robin.Gueldenpfennig@enercon.de
> >> >
> >Kopie
> >> > 23.10.2008 14:27 users@subversion.tigris.org
> >> >
> >Thema
> >> > Re: Browsing via HTTPS needs
> >> > authentication
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >It work works fine with web too but Internet explorer shows extra
> >ordernay
> >> >talent by automatically passing your credentials.
> >> >You can test this with any other browser; it will definetley prompt
you
> >for
> >> >password.
> >> >or for quick check you can ask some on who does not have access to
> >> >repository to browse through repository or you can try even your self
by
> >> >clearing cahce.
> >> >
> >> >2008/10/23 <Ro...@enercon.de>
> >> >
> >> > Hi there,
> >> >
> >> > I configured a Win32 Apache Server with the SSPI mod to use the
> >> > Windows
> >> > Domain User data in TortoiseSVN. It all works really fine.
> >> >
> >> > But when I'm browings via the Internet Explorer in the
repository
> >> > trees, I
> >> > don't need to verify my user account.
> >> >
> >> > So everybody can download data from the repositories.
> >> >
> >> > What do I have to change so the SSPI authentication works on
the
> >web,
> >> > too?
> >> >
> >> > Mit freundlichen Grüßen
> >> > Robin Güldenpfennig
> >> >
> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >> > Robin Güldenpfennig
> >> > Service IT / SCADA Department
> >> >
> >> > ENERCON Service Center
> >> > Dornumer Straße 20
> >> > 26607 Aurich / Germany
> >> >
> >> > mailto:Robin.Gueldenpfennig@enercon.de
> >> > http://www.enercon.de
> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >> > Diese E-Mail und mögliche Anhänge enthalten vertrauliche
> >> > Informationen, die
> >> > rechtlich besonders geschützt sein können. Wenn Sie nicht der
> >> > beabsichtigte
> >> > Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail
etwa
> >> > aufgrund
> >> > eines technischen Fehlers oder eines Versehens erhalten haben,
> >> > informieren
> >> > Sie uns bitte sofort und löschen Sie anschließend die E-Mail.
Das
> >> > unbefugte
> >> > Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
> >> > Weitergabe der
> >> > enthaltenen Informationen an Dritte ist nicht gestattet.
> >> >
> >> > This e-mail message together with its attachments, if any, is
> >> > confidential
> >> > and may contain information subject to legal privilege (e.g.
> >> > attorney-client-privilege). If you are not the intended
recipient
> >or
> >> > have
> >> > received this e-mail in error, please inform us immediately and
> >> > delete this
> >> > message. Any unauthorised copying of this message (and
> >attachments)
> >> > or
> >> > unauthorised distribution of the information contained herein
is
> >> > prohibited.
> >> >
> >> >
> >> >
> >---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> > For additional commands, e-mail:
users-help@subversion.tigris.org
> >> >
> >> >
> >> >
> >> >
> >> >--
> >> >Cheers,
> >> >Vishwajeet
> >> >http://www.singhvishwajeet.com
> >> >
> >> >
> >> >---------------------------------------------------------------------
> >> >To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> >For additional commands, e-mail: users-help@subversion.tigris.org
> >>
> >>
> >>
> >> This e-mail message and all attachments thereto may contain
> >> technical data that is subject to export control regulations, or
> >> confidential material, and is for the sole use of the intended
> >> recipients. Review, dissemination, or other use by anyone else is
> >> prohibited. If you are not an intended recipient, please contact the
> >> sender and delete all copies.
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >> For additional commands, e-mail: users-help@subversion.tigris.org
> >>
>
>
>
> This e-mail message and all attachments thereto may contain
> technical data that is subject to export control regulations, or
> confidential material, and is for the sole use of the intended
> recipients. Review, dissemination, or other use by anyone else is
> prohibited. If you are not an intended recipient, please contact the
> sender and delete all copies.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Browsing via HTTPS needs authentication
Posted by "Gillis, Paul" <pg...@insight-tek.com>.
So are you saying that devTeam01 cannot open Project2 with an IE browser?
I can get a browser to open all my repositories. I just can't read restrict them with the permissions that are set in my AuthzSVNAccessfile.
Thanks!
- Paul
>-----Original Message-----
>From: Robin.Gueldenpfennig@enercon.de
>[mailto:Robin.Gueldenpfennig@enercon.de]
>Sent: Friday, October 24, 2008 6:07 AM
>To: Gillis, Paul
>Cc: users@subversion.tigris.org
>Subject: Re: Browsing via HTTPS needs authentication
>
>Hi Paul,
>
>I set up an AuthzSVNAccessfile now. It's working fine with IE browser and
>with TortoiseSVN
>
>It looks like that:
>
>[groups]
>admin = rgueldenpfennig
>devTeam01 = bjohnson, kdirk
>devtTeam02 = lkeys, rmeier
>
>=======================
>svnaccessfile.conf
>
>[/]
>@admin = rw
>
>[Project1:/]
>@devTeam01 = rw
>bschulte = r
>
>[Project2:/]
>@devTeam02 = rw
>
>=======================
>
>The whole authentication goes over the SSPI module
>
>Mit freundlichen Grüßen
>Robin Güldenpfennig
>
>"Gillis, Paul" <pg...@insight-tek.com> schrieb am 23.10.2008 14:58:46:
>
>> I missed the answer to your question. What was it?
>>
>> I have the same Windows SSPI setup here and an IE browser does not
>> recognize any of the repository folder level read restrictions in my
>> AuthzSVNAccessFile. But the TSVN and SVN clients do.
>>
>> - Paul
>>
>> >-----Original Message-----
>> >From: Robin.Gueldenpfennig@enercon.de
>> >[mailto:Robin.Gueldenpfennig@enercon.de]
>> >Sent: Thursday, October 23, 2008 8:45 AM
>> >To: vishwajeet singh
>> >Cc: users@subversion.tigris.org
>> >Subject: Antwort: Re: Browsing via HTTPS needs authentication
>> >
>> >Hi and thanks for the fast answer!
>> >
>> >You are kind of right. The SSPI mod also checks your domain account when
>> >accessing via a browser. From outside the corporation domain there is no
>> >access.
>> >I just checked the apache logs and I think this no more problem now.
>> >
>> >best regards
>> >Robin Güldenpfennig
>> >
>> >
>> >
>> >
>> >
>> > "vishwajeet
>> > singh"
>> > <dextrous85@gmail
>An
>> > .com> Robin.Gueldenpfennig@enercon.de
>> >
>Kopie
>> > 23.10.2008 14:27 users@subversion.tigris.org
>> >
>Thema
>> > Re: Browsing via HTTPS needs
>> > authentication
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >It work works fine with web too but Internet explorer shows extra
>ordernay
>> >talent by automatically passing your credentials.
>> >You can test this with any other browser; it will definetley prompt you
>for
>> >password.
>> >or for quick check you can ask some on who does not have access to
>> >repository to browse through repository or you can try even your self by
>> >clearing cahce.
>> >
>> >2008/10/23 <Ro...@enercon.de>
>> >
>> > Hi there,
>> >
>> > I configured a Win32 Apache Server with the SSPI mod to use the
>> > Windows
>> > Domain User data in TortoiseSVN. It all works really fine.
>> >
>> > But when I'm browings via the Internet Explorer in the repository
>> > trees, I
>> > don't need to verify my user account.
>> >
>> > So everybody can download data from the repositories.
>> >
>> > What do I have to change so the SSPI authentication works on the
>web,
>> > too?
>> >
>> > Mit freundlichen Grüßen
>> > Robin Güldenpfennig
>> >
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > Robin Güldenpfennig
>> > Service IT / SCADA Department
>> >
>> > ENERCON Service Center
>> > Dornumer Straße 20
>> > 26607 Aurich / Germany
>> >
>> > mailto:Robin.Gueldenpfennig@enercon.de
>> > http://www.enercon.de
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > Diese E-Mail und mögliche Anhänge enthalten vertrauliche
>> > Informationen, die
>> > rechtlich besonders geschützt sein können. Wenn Sie nicht der
>> > beabsichtigte
>> > Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
>> > aufgrund
>> > eines technischen Fehlers oder eines Versehens erhalten haben,
>> > informieren
>> > Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
>> > unbefugte
>> > Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
>> > Weitergabe der
>> > enthaltenen Informationen an Dritte ist nicht gestattet.
>> >
>> > This e-mail message together with its attachments, if any, is
>> > confidential
>> > and may contain information subject to legal privilege (e.g.
>> > attorney-client-privilege). If you are not the intended recipient
>or
>> > have
>> > received this e-mail in error, please inform us immediately and
>> > delete this
>> > message. Any unauthorised copying of this message (and
>attachments)
>> > or
>> > unauthorised distribution of the information contained herein is
>> > prohibited.
>> >
>> >
>> >
>---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> > For additional commands, e-mail: users-help@subversion.tigris.org
>> >
>> >
>> >
>> >
>> >--
>> >Cheers,
>> >Vishwajeet
>> >http://www.singhvishwajeet.com
>> >
>> >
>> >---------------------------------------------------------------------
>> >To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> >For additional commands, e-mail: users-help@subversion.tigris.org
>>
>>
>>
>> This e-mail message and all attachments thereto may contain
>> technical data that is subject to export control regulations, or
>> confidential material, and is for the sole use of the intended
>> recipients. Review, dissemination, or other use by anyone else is
>> prohibited. If you are not an intended recipient, please contact the
>> sender and delete all copies.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>> For additional commands, e-mail: users-help@subversion.tigris.org
>>
This e-mail message and all attachments thereto may contain technical data that is subject to export control regulations, or confidential material, and is for the sole use of the intended recipients. Review, dissemination, or other use by anyone else is prohibited. If you are not an intended recipient, please contact the sender and delete all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Browsing via HTTPS needs authentication
Posted by Ro...@enercon.de.
Hi Paul,
I set up an AuthzSVNAccessfile now. It's working fine with IE browser and
with TortoiseSVN
It looks like that:
[groups]
admin = rgueldenpfennig
devTeam01 = bjohnson, kdirk
devtTeam02 = lkeys, rmeier
=======================
svnaccessfile.conf
[/]
@admin = rw
[Project1:/]
@devTeam01 = rw
bschulte = r
[Project2:/]
@devTeam02 = rw
=======================
The whole authentication goes over the SSPI module
Mit freundlichen Grüßen
Robin Güldenpfennig
"Gillis, Paul" <pg...@insight-tek.com> schrieb am 23.10.2008 14:58:46:
> I missed the answer to your question. What was it?
>
> I have the same Windows SSPI setup here and an IE browser does not
> recognize any of the repository folder level read restrictions in my
> AuthzSVNAccessFile. But the TSVN and SVN clients do.
>
> - Paul
>
> >-----Original Message-----
> >From: Robin.Gueldenpfennig@enercon.de
> >[mailto:Robin.Gueldenpfennig@enercon.de]
> >Sent: Thursday, October 23, 2008 8:45 AM
> >To: vishwajeet singh
> >Cc: users@subversion.tigris.org
> >Subject: Antwort: Re: Browsing via HTTPS needs authentication
> >
> >Hi and thanks for the fast answer!
> >
> >You are kind of right. The SSPI mod also checks your domain account when
> >accessing via a browser. From outside the corporation domain there is no
> >access.
> >I just checked the apache logs and I think this no more problem now.
> >
> >best regards
> >Robin Güldenpfennig
> >
> >
> >
> >
> >
> > "vishwajeet
> > singh"
> > <dextrous85@gmail
An
> > .com> Robin.Gueldenpfennig@enercon.de
> >
Kopie
> > 23.10.2008 14:27 users@subversion.tigris.org
> >
Thema
> > Re: Browsing via HTTPS needs
> > authentication
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >It work works fine with web too but Internet explorer shows extra
ordernay
> >talent by automatically passing your credentials.
> >You can test this with any other browser; it will definetley prompt you
for
> >password.
> >or for quick check you can ask some on who does not have access to
> >repository to browse through repository or you can try even your self by
> >clearing cahce.
> >
> >2008/10/23 <Ro...@enercon.de>
> >
> > Hi there,
> >
> > I configured a Win32 Apache Server with the SSPI mod to use the
> > Windows
> > Domain User data in TortoiseSVN. It all works really fine.
> >
> > But when I'm browings via the Internet Explorer in the repository
> > trees, I
> > don't need to verify my user account.
> >
> > So everybody can download data from the repositories.
> >
> > What do I have to change so the SSPI authentication works on the
web,
> > too?
> >
> > Mit freundlichen Grüßen
> > Robin Güldenpfennig
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Robin Güldenpfennig
> > Service IT / SCADA Department
> >
> > ENERCON Service Center
> > Dornumer Straße 20
> > 26607 Aurich / Germany
> >
> > mailto:Robin.Gueldenpfennig@enercon.de
> > http://www.enercon.de
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Diese E-Mail und mögliche Anhänge enthalten vertrauliche
> > Informationen, die
> > rechtlich besonders geschützt sein können. Wenn Sie nicht der
> > beabsichtigte
> > Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
> > aufgrund
> > eines technischen Fehlers oder eines Versehens erhalten haben,
> > informieren
> > Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
> > unbefugte
> > Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
> > Weitergabe der
> > enthaltenen Informationen an Dritte ist nicht gestattet.
> >
> > This e-mail message together with its attachments, if any, is
> > confidential
> > and may contain information subject to legal privilege (e.g.
> > attorney-client-privilege). If you are not the intended recipient
or
> > have
> > received this e-mail in error, please inform us immediately and
> > delete this
> > message. Any unauthorised copying of this message (and
attachments)
> > or
> > unauthorised distribution of the information contained herein is
> > prohibited.
> >
> >
> >
---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> > For additional commands, e-mail: users-help@subversion.tigris.org
> >
> >
> >
> >
> >--
> >Cheers,
> >Vishwajeet
> >http://www.singhvishwajeet.com
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> >For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>
> This e-mail message and all attachments thereto may contain
> technical data that is subject to export control regulations, or
> confidential material, and is for the sole use of the intended
> recipients. Review, dissemination, or other use by anyone else is
> prohibited. If you are not an intended recipient, please contact the
> sender and delete all copies.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Antwort: Re: Browsing via HTTPS needs authentication
Posted by "Gillis, Paul" <pg...@insight-tek.com>.
I missed the answer to your question. What was it?
I have the same Windows SSPI setup here and an IE browser does not recognize any of the repository folder level read restrictions in my AuthzSVNAccessFile. But the TSVN and SVN clients do.
- Paul
>-----Original Message-----
>From: Robin.Gueldenpfennig@enercon.de
>[mailto:Robin.Gueldenpfennig@enercon.de]
>Sent: Thursday, October 23, 2008 8:45 AM
>To: vishwajeet singh
>Cc: users@subversion.tigris.org
>Subject: Antwort: Re: Browsing via HTTPS needs authentication
>
>Hi and thanks for the fast answer!
>
>You are kind of right. The SSPI mod also checks your domain account when
>accessing via a browser. From outside the corporation domain there is no
>access.
>I just checked the apache logs and I think this no more problem now.
>
>best regards
>Robin Güldenpfennig
>
>
>
>
>
> "vishwajeet
> singh"
> <dextrous85@gmail An
> .com> Robin.Gueldenpfennig@enercon.de
> Kopie
> 23.10.2008 14:27 users@subversion.tigris.org
> Thema
> Re: Browsing via HTTPS needs
> authentication
>
>
>
>
>
>
>
>
>
>
>It work works fine with web too but Internet explorer shows extra ordernay
>talent by automatically passing your credentials.
>You can test this with any other browser; it will definetley prompt you for
>password.
>or for quick check you can ask some on who does not have access to
>repository to browse through repository or you can try even your self by
>clearing cahce.
>
>2008/10/23 <Ro...@enercon.de>
>
> Hi there,
>
> I configured a Win32 Apache Server with the SSPI mod to use the
> Windows
> Domain User data in TortoiseSVN. It all works really fine.
>
> But when I'm browings via the Internet Explorer in the repository
> trees, I
> don't need to verify my user account.
>
> So everybody can download data from the repositories.
>
> What do I have to change so the SSPI authentication works on the web,
> too?
>
> Mit freundlichen Grüßen
> Robin Güldenpfennig
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Robin Güldenpfennig
> Service IT / SCADA Department
>
> ENERCON Service Center
> Dornumer Straße 20
> 26607 Aurich / Germany
>
> mailto:Robin.Gueldenpfennig@enercon.de
> http://www.enercon.de
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Diese E-Mail und mögliche Anhänge enthalten vertrauliche
> Informationen, die
> rechtlich besonders geschützt sein können. Wenn Sie nicht der
> beabsichtigte
> Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
> aufgrund
> eines technischen Fehlers oder eines Versehens erhalten haben,
> informieren
> Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
> unbefugte
> Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
> Weitergabe der
> enthaltenen Informationen an Dritte ist nicht gestattet.
>
> This e-mail message together with its attachments, if any, is
> confidential
> and may contain information subject to legal privilege (e.g.
> attorney-client-privilege). If you are not the intended recipient or
> have
> received this e-mail in error, please inform us immediately and
> delete this
> message. Any unauthorised copying of this message (and attachments)
> or
> unauthorised distribution of the information contained herein is
> prohibited.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>
>
>--
>Cheers,
>Vishwajeet
>http://www.singhvishwajeet.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org
This e-mail message and all attachments thereto may contain technical data that is subject to export control regulations, or confidential material, and is for the sole use of the intended recipients. Review, dissemination, or other use by anyone else is prohibited. If you are not an intended recipient, please contact the sender and delete all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Antwort: Re: Browsing via HTTPS needs authentication
Posted by Ro...@enercon.de.
Hi and thanks for the fast answer!
You are kind of right. The SSPI mod also checks your domain account when
accessing via a browser. From outside the corporation domain there is no
access.
I just checked the apache logs and I think this no more problem now.
best regards
Robin Güldenpfennig
"vishwajeet
singh"
<dextrous85@gmail An
.com> Robin.Gueldenpfennig@enercon.de
Kopie
23.10.2008 14:27 users@subversion.tigris.org
Thema
Re: Browsing via HTTPS needs
authentication
It work works fine with web too but Internet explorer shows extra ordernay
talent by automatically passing your credentials.
You can test this with any other browser; it will definetley prompt you for
password.
or for quick check you can ask some on who does not have access to
repository to browse through repository or you can try even your self by
clearing cahce.
2008/10/23 <Ro...@enercon.de>
Hi there,
I configured a Win32 Apache Server with the SSPI mod to use the
Windows
Domain User data in TortoiseSVN. It all works really fine.
But when I'm browings via the Internet Explorer in the repository
trees, I
don't need to verify my user account.
So everybody can download data from the repositories.
What do I have to change so the SSPI authentication works on the web,
too?
Mit freundlichen Grüßen
Robin Güldenpfennig
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robin Güldenpfennig
Service IT / SCADA Department
ENERCON Service Center
Dornumer Straße 20
26607 Aurich / Germany
mailto:Robin.Gueldenpfennig@enercon.de
http://www.enercon.de
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diese E-Mail und mögliche Anhänge enthalten vertrauliche
Informationen, die
rechtlich besonders geschützt sein können. Wenn Sie nicht der
beabsichtigte
Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa
aufgrund
eines technischen Fehlers oder eines Versehens erhalten haben,
informieren
Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das
unbefugte
Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte
Weitergabe der
enthaltenen Informationen an Dritte ist nicht gestattet.
This e-mail message together with its attachments, if any, is
confidential
and may contain information subject to legal privilege (e.g.
attorney-client-privilege). If you are not the intended recipient or
have
received this e-mail in error, please inform us immediately and
delete this
message. Any unauthorised copying of this message (and attachments)
or
unauthorised distribution of the information contained herein is
prohibited.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
--
Cheers,
Vishwajeet
http://www.singhvishwajeet.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Browsing via HTTPS needs authentication
Posted by vishwajeet singh <de...@gmail.com>.
It work works fine with web too but Internet explorer shows extra ordernay
talent by automatically passing your credentials.
You can test this with any other browser; it will definetley prompt you for
password.
or for quick check you can ask some on who does not have access to
repository to browse through repository or you can try even your self by
clearing cahce.
2008/10/23 <Ro...@enercon.de>
>
> Hi there,
>
> I configured a Win32 Apache Server with the SSPI mod to use the Windows
> Domain User data in TortoiseSVN. It all works really fine.
>
> But when I'm browings via the Internet Explorer in the repository trees, I
> don't need to verify my user account.
>
> So everybody can download data from the repositories.
>
> What do I have to change so the SSPI authentication works on the web, too?
>
> Mit freundlichen Grüßen
> Robin Güldenpfennig
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Robin Güldenpfennig
> Service IT / SCADA Department
>
> ENERCON Service Center
> Dornumer Straße 20
> 26607 Aurich / Germany
>
> mailto:Robin.Gueldenpfennig@enercon.de
> http://www.enercon.de
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Diese E-Mail und mögliche Anhänge enthalten vertrauliche Informationen, die
> rechtlich besonders geschützt sein können. Wenn Sie nicht der beabsichtigte
> Empfänger bzw. Adressat dieser E-mail sind und diese E-Mail etwa aufgrund
> eines technischen Fehlers oder eines Versehens erhalten haben, informieren
> Sie uns bitte sofort und löschen Sie anschließend die E-Mail. Das unbefugte
> Kopieren dieser E-Mail, etwaiger Anhänge sowie die unbefugte Weitergabe der
> enthaltenen Informationen an Dritte ist nicht gestattet.
>
> This e-mail message together with its attachments, if any, is confidential
> and may contain information subject to legal privilege (e.g.
> attorney-client-privilege). If you are not the intended recipient or have
> received this e-mail in error, please inform us immediately and delete this
> message. Any unauthorised copying of this message (and attachments) or
> unauthorised distribution of the information contained herein is
> prohibited.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
--
Cheers,
Vishwajeet
http://www.singhvishwajeet.com