Anonymous Access and Group Permission

25 views
Skip to first unread message

Daniel Novo

unread,
May 12, 2023, 9:46:27 AM5/12/23
to scmmanager
Hi,

I'm using SCM Manager 2.43.0.

We need to enable anonymous read repository and pull/checkout repository.

In administration (settings) changed Anonymous Access to "Enabled for protocols" was "Disabled".

After this change, ldap users are unabled to push changes. Ldap users are group members of a group with "Own all repositories". They are getting "authorization failed".

I'm i missing something?

Thanks

Rene Pfeuffer

unread,
May 15, 2023, 4:30:00 AM5/15/23
to scmmanager
Hi,

thanks for the question. To check this, I just started a new SCM-Manager instance just with the LDAP plugin installed and configured for a little LDAP instance. After enabling the anonymous mode and setting a global READ permission for _anonymous, I nonetheless still could push (with LDAP credentials) and pull (without credentials). So this worked as I hoped. So the question remains, why this does not work for you (as I don't see something you have missed).

I used an internal SCM-Manager group and assigned the LDAP user to this group in SCM-Manager. So let's try to narrow this down:

We have the Support Plugin that can be used to simply create detailed logs for a short time. It can be found in the Administration panel in the navigation. What you can do is:

- Start the trace log
- Make a push
- Stop the trace log (you will get a zip file containig a scm-manager.log file with the logs)

We can than use this log for further analysis.

Please check this log file for private information before sharing (like repository names or logins)

Regards
René

Daniel Novo

unread,
May 15, 2023, 5:35:34 AM5/15/23
to scmma...@googlegroups.com
Hi Rene,

Logs attached. 

I didn't find any logins in the logs...that is strange. 

I tried to push with TortoiseHG and with eclipse plugin mercurial eclipse. 

Let me know if you need more info.

Thanks for your help, I really appreciate it.


--
You received this message because you are subscribed to a topic in the Google Groups "scmmanager" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/scmmanager/s8InkjZu9w4/unsubscribe.
To unsubscribe from this group and all its topics, send an email to scmmanager+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/scmmanager/652aabf4-9a73-483e-8727-22dad443e7cbn%40googlegroups.com.


--
--------------
Daniel Novo
support_logs.zip

Rene Pfeuffer

unread,
May 15, 2023, 10:02:19 AM5/15/23
to scmmanager
Hey Daniel,

I found the difference for your instance: You're using hg. I just tried for git.

The good thing is, I can reproduce your error now. We will take a look at it. Thanks for the report!

Regards
René

Daniel Novo

unread,
May 17, 2023, 7:15:57 AM5/17/23
to scmma...@googlegroups.com
René,

Do you think it is possible to have a patch available soon?

Thanks for your help.

To view this discussion on the web visit https://groups.google.com/d/msgid/scmmanager/18f75257-8b71-4f15-998e-9ac12f48eb1cn%40googlegroups.com.


--
--------------
Daniel Novo

Rene Pfeuffer

unread,
May 19, 2023, 6:17:41 AM5/19/23
to scmmanager
Hi Daniel,

I found the cause and created a fix for this, but this has to pass the review and we have to make a release. We will get back to you when we've decided how to handle this.

Regards
René

Daniel Novo

unread,
May 19, 2023, 6:19:52 AM5/19/23
to scmma...@googlegroups.com
Thank you for your help and feedback.

Best regards

You received this message because you are subscribed to the Google Groups "scmmanager" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scmmanager+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/scmmanager/c6065988-b0e6-4116-bbda-86605fd1125cn%40googlegroups.com.


--
--------------
Daniel Novo
Reply all
Reply to author
Forward
0 new messages