Details
-
Bug
-
Status: Open
-
Critical
-
Resolution: Unresolved
-
1.2.x
-
None
Description
Scenario: SVN 1.2.3 client (Windows XP, "German" locale) tries to access SVN 1.2.3 Server (Apache 2.0.54, Linux). Authentication is based on client certificates only, no name/password authentication is allowed. "SSLUserName SSL_CLIENT_S_DN_CN" is used to extract the client's user name, "AuthzSVNAccessFile" defines access to SVN repositories. Observation 1: when the SVN client uses localized messages from "share\locale\de", Apache returns "403 forbidden" for each attempt to access the SVN repository. Apache logs shows no user name, which I interpret as a problem when trying to extract certficiate data. Observation 2: when the folder "share" is deleted or renamed, access to the SVN repository is working without problems. Apache logs show the user name as it is defined in the client certificate. The issue was discussed in the SVN user mailing list (please see http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=37509 and the followups for Apache log excerpts etc.) and I was asked to file a bug report.
http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=37509
Original issue reported by seichter