TortoiseHg web server configuration has an "Allow Push" parameter where I put the users allowed to push changes. But when I try to push I get an "authorization failed" error. How are the users authenticated? Where do the passwords come from?
Asked
Active
Viewed 7,304 times
3 Answers
8
Setting allow_push = * will allow anybody to push to your repository served with hg serve. You should of course only do that on a trusted network. Apart from that, you cannot do authentication with hg serve -- you need a webserver in front of it that will authenticate users.
Please see hgrc for a terse explanation of allow_push and the wiki for a slightly longer explanation about what hg serve is for.
Martin Geisler
- 72,968
- 25
- 171
- 229
-
Thanks for answering Martin. They say: "...the authenticated user name must be present in this list (separated by whitespace or ,)" So do I have to put the user authenticated by the web server? I tried to put the user authenticated by Windows with no success. – Eduardo Dec 11 '09 at 22:17
-
Yes, you list the user authenticated by the webserver. Mercurial knows nothing about Windows: it only looks in the standard `REMOTE_USER` environment variable set by the webserver before the CGI script is envoked. – Martin Geisler Dec 12 '09 at 12:53
-
@MartinGeisler Can you explain how you would use REMOTE_USER to add users to the `hg server` webserver? If it isn't able to use that parameter why did they have it? Or does it only work if you have some other server integrated in with Hg? – Sled Oct 16 '12 at 17:01
-
@ArtB you cannot "add users to `hg serve`" with the environment variable. What I said was that Mercurial doesn't do authentication — it only does authorization. Use a frontend webserver like Nginx or Apache if you need authentication. – Martin Geisler Oct 16 '12 at 17:08
-
Thank you, I was confused. From the [wiki link](http://mercurial.selenic.com/wiki/PublishingRepositories#Choosing_a_publishing_method) it does seem like that property only works if you integrate it with a real webserver only. – Sled Oct 17 '12 at 02:47
1
I'm just getting into Mercurial, and from what I can tell (and read in the documentation), the TortoiseHg web server isn't meant to be a permanent solution. The docs seem to steer you towards running either Apache or lighttpd.
You may also want to check out Vampire Basic's tutorial on running Mercurial on Windows.
Peter Bernier
- 8,038
- 6
- 38
- 53
-
Since posting this I've gone through the tutorial linked to and am now successfully hosting Hudson via WinXP/IIS. – Peter Bernier Jan 10 '10 at 16:14
0
I believe you can just edit your hgrc file, under the [authorize] section: Store password in TortoiseHg
Community
- 1
- 1