subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nico Kadel-Garcia <nka...@gmail.com>
Subject Re: SVN E170001: Authentication error with specific user/realm/pw combinations while many other work!
Date Sat, 14 Apr 2018 15:49:26 GMT
Sorry, hit "send" too early on my previous note!

>> On 13.04.2018 19:55, NOCERA, ANDY wrote:
>>>
>>> Summary: SVN E170001: Authentication error with specific user/realm/pw
>>> combinations while many other work!
>>>
>>>
>>>
>>>
>>>
>>> Observations/Workarounds
>>>
>>>
>>>
>>> While there is a work around, by simply changing the password, we have
>>> an unusual reoccurring issue with some user/realm/password
>>> combinations.  It’s a problem
>>>
>>> setting the same password to many repos.
>>>
>>>
>>>
>>> The issue shows up under both CRAM-MD5 and DIGEST-MD5, but not for the
>>> same user/realm/password.
>>>
>>>
>>>
>>>
>>>
>>> From and SVN perspective:
>>>
>>> How do I get svn/svnserve to log the hashed response so I can compare
>>> it outside of SASL and MYSQL.

I think you're going to hurt yourself. My working assumption is that
you've used a customized httpd configuration to manage authentication
through a MySQL back end, and the issue has nothing to do with
Subversion itself. It has to do with maintenance of that MySQL back
end. If possible, set up a test server to allow the same
authentication technology to access a simple testable website, even a
folder with just "index.html" in it, and test your password based
access to *that*, ideally with an entirely distinct user.

Mind you, storing passwords in MySQL is its own potential adventure.
It's useful, but many implementations have been quite poor. Why are
you doing this?

Also, are there other processes which may be uploading or modifing
passwords for your back end, and resetting them? Or is there a MySQL
cluster which has, perhaps, become split brain and keeps passing
around broken password rows in your MySQL database?

Mime
View raw message