wiew history+authorization failed
164 views
Skip to first unread message
20100
May 17, 2011, 10:31:07 AM5/17/11
to ReposStyle
Hi,
I have a problem with ReposStyle 2.4, when i clicked on "view history"
i got this message :
svn: OPTIONS of 'http://svdos/svn/branches': authorization failed:
Could not authenticate to server: rejected Basic challenge (http://
svdos)
I use WAMPSERVER and my APACHE configuration is :
NameVirtualHost 172.x.x.151:80
# VirtualHost by default
<VirtualHost 172.x.x.151:80>
ServerName 172.x.x.151
DocumentRoot "d:/wamp/www_subversion"
<Directory "d:/wamp/www_subversion">
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
</Directory>
</VirtualHost>
# VirtualHost svdos on server SVN or host file (windows/system32/
drivers/etc)
<VirtualHost 172.x.x.151:80>
ServerName svdos
ErrorLog "d:/wamp/logs/svdos_apache_error.log"
DocumentRoot "d:/wamp/www_subversion"
<Directory "d:/wamp/www_subversion">
Options Indexes FollowSymLinks
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
</Directory>
<Location /svn>
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
DAV svn
SVNListParentPath on
SVNParentPath D:/wamp/bin/subversion/referentiel
SVNIndexXSLT "/repos-web/view/repos.xsl"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile bin/svnaccess
Require valid-user
</Location>
</VirtualHost>
In the file \wamp\www_subversion\repos-web\open\log\index.php,
i change the variable $repo with $repo = 'http://svndos3/svn/';
Have you any idea?
thx
I have a problem with ReposStyle 2.4, when i clicked on "view history"
i got this message :
svn: OPTIONS of 'http://svdos/svn/branches': authorization failed:
Could not authenticate to server: rejected Basic challenge (http://
svdos)
I use WAMPSERVER and my APACHE configuration is :
NameVirtualHost 172.x.x.151:80
# VirtualHost by default
<VirtualHost 172.x.x.151:80>
ServerName 172.x.x.151
DocumentRoot "d:/wamp/www_subversion"
<Directory "d:/wamp/www_subversion">
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
</Directory>
</VirtualHost>
# VirtualHost svdos on server SVN or host file (windows/system32/
drivers/etc)
<VirtualHost 172.x.x.151:80>
ServerName svdos
ErrorLog "d:/wamp/logs/svdos_apache_error.log"
DocumentRoot "d:/wamp/www_subversion"
<Directory "d:/wamp/www_subversion">
Options Indexes FollowSymLinks
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
</Directory>
<Location /svn>
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
DAV svn
SVNListParentPath on
SVNParentPath D:/wamp/bin/subversion/referentiel
SVNIndexXSLT "/repos-web/view/repos.xsl"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile bin/svnaccess
Require valid-user
</Location>
</VirtualHost>
In the file \wamp\www_subversion\repos-web\open\log\index.php,
i change the variable $repo with $repo = 'http://svndos3/svn/';
Have you any idea?
thx
Staffan
May 17, 2011, 2:13:44 PM5/17/11
to repos...@googlegroups.com
Hi,
The svn log is read using a command line operation from the php script, so the authentication done by the user is not known. Thus, if you have a repository that requires login to view content you need to use the "file:" url to subversion. Judging from your apache conf that would be in your case file:///D:/wamp/bin/subversion/referentiel
You can still password protect the log by configuring the Directory or Location /repos-web/open with Require valid-user. Note that this will bypass any path-based access control so anyone with a login will be able to view the log for all repositories.
/Staffan
The svn log is read using a command line operation from the php script, so the authentication done by the user is not known. Thus, if you have a repository that requires login to view content you need to use the "file:" url to subversion. Judging from your apache conf that would be in your case file:///D:/wamp/bin/subversion/referentiel
You can still password protect the log by configuring the Directory or Location /repos-web/open with Require valid-user. Note that this will bypass any path-based access control so anyone with a login will be able to view the log for all repositories.
/Staffan
--
You received this message because you are subscribed to the Google Groups "ReposStyle" group.
To post to this group, send email to repos...@googlegroups.com.
To unsubscribe from this group, send email to reposstyle+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/reposstyle?hl=en.
20100
May 18, 2011, 4:38:01 AM5/18/11
to ReposStyle
I have create two accounts in Apache with this command :
/apache/bin/httpd -c bob svnaccess (...+enter password)
/apache/bin/httpd vins svnaccess (...+enter password)
I found the command svn log in the php script (\repos-web\open\log),
and if i add this line, the authentification on the svn server works.
$cmd .= ' --username bob --password myPassNoCrypt';
But you can understand why I don't want to use this method, or to use
"file:///" access svn. So i want to protect the log by configuration
Directory /repos-web/open with a Require valid-user. In this case, i
know that anyone with a login (apache) will be able to view the log
for all repositories.
I test a configuration with "http://" access svn ($repo = 'http://
svdos/svn';) and authentification apache only in this location
directive :
<Location /svn>
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
DAV svn
SVNListParentPath on
SVNParentPath D:/wamp/bin/subversion/referentiel
SVNIndexXSLT "/repos-web/view/repos.xsl"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile bin/svnaccess
Require valid-user
</Location>
If i test to access with my browser the SVNPath (http://svdos/svn/), i
must to authentificate with apache (because of this instruction
Require valid-user in directive <location /svn>, and with this
authentification i can access to history... it's work... until (i
think but i'm not sure) a time-out authentification maybe a cookie
expiration.
You can still password protect the log by configuring the Directory or
Location /repos-web/open with Require valid-user. Note that this will
bypass
any path-based access control so anyone with a login will be able to
view
the log for all repositories.
How i can protect the log (/repos-web/open) with the same user/pass
used in my directive <location> ?
/apache/bin/httpd -c bob svnaccess (...+enter password)
/apache/bin/httpd vins svnaccess (...+enter password)
I found the command svn log in the php script (\repos-web\open\log),
and if i add this line, the authentification on the svn server works.
$cmd .= ' --username bob --password myPassNoCrypt';
But you can understand why I don't want to use this method, or to use
"file:///" access svn. So i want to protect the log by configuration
Directory /repos-web/open with a Require valid-user. In this case, i
know that anyone with a login (apache) will be able to view the log
for all repositories.
I test a configuration with "http://" access svn ($repo = 'http://
svdos/svn';) and authentification apache only in this location
directive :
<Location /svn>
order deny,allow
deny from all
allow from 172.x.x.151 172.x.x.152 172.x.x.153
DAV svn
SVNListParentPath on
SVNParentPath D:/wamp/bin/subversion/referentiel
SVNIndexXSLT "/repos-web/view/repos.xsl"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile bin/svnaccess
Require valid-user
</Location>
must to authentificate with apache (because of this instruction
Require valid-user in directive <location /svn>, and with this
authentification i can access to history... it's work... until (i
think but i'm not sure) a time-out authentification maybe a cookie
expiration.
You can still password protect the log by configuring the Directory or
Location /repos-web/open with Require valid-user. Note that this will
bypass
any path-based access control so anyone with a login will be able to
view
the log for all repositories.
used in my directive <location> ?
Staffan
May 18, 2011, 6:53:02 AM5/18/11
to repos...@googlegroups.com
There's no timeout or cookis in BASIC auth. If you didn't restart your browser you must have been logged out because of a configuration change on the server.
You can still password protect the log by configuring the Directory orHow i can protect the log (/repos-web/open) with the same user/pass
Location /repos-web/open with Require valid-user. Note that this will
bypass
any path-based access control so anyone with a login will be able to
view
the log for all repositories.
used in my directive <location> ?
You could try an auth provider (see the Apache manual), or simply copy-paste the Auth* entries from your svn block. Browsers will resend the credentials when switching between /repos-web/open and /svn.
/Staffan
/Staffan
20100
May 19, 2011, 3:58:47 AM5/19/11
to ReposStyle
Ok it's work ^^
Thx
Thx
Reply all
Reply to author
Forward
0 new messages