ID:	4985	Fixed in:
Issue Date:	2007-06-07 01:48 AEST	Owner:	CVS Support
Last Modified:	2008-06-27 10:20 AEST	Reporter:	Glen Starrett
Current Est.	0.0 hours	% Complete:	0.0
Status:	NEW /	Severity:	normal

Affected:	2.5.03
Description:	SSPI with username can fail authentication with "invalid token"

Actions:

2007-06-07 01:48 AEST by Glen Starrett - In some situations, SSPI authentication fails with "invalid token" when it
appears that it should work by looking at the documentation.

Consider the following CVSROOTS:

1) :sspi:user@host:/repo

2) :sspi:host:/repo

If the currently logged in user is the same user as the one defined in root 1
then the "invalid token" error is observed.  Changing the root to style 2 works
properly in that situation.

In other situations, this is not a problem.

Using root 1 requires a login step when the username is not the same as the
currently logged in user.  Using root 2 does not require a login step.  I would
imagine it is possible that the "invalid token" error happens as a result of the
overlap of the currently logged in user context and the extra login happening
internally to CVSNT.

I have not been able to reproduce this problem locally, but at least one
customer and some OSS users have reported it.

WORKAROUND:  Use the root 2 style (without username).

2008-06-27 08:58 AEST by Arthur Barrett - Need information on what client platform (Linux/windows) this error occurs on.  
If it was linux/unix then it could have been fixed as a part of 4713.

Query page